On Mon, Jun 18, 2001 at 06:41:59PM +0200, Christian Jaeger wrote:
>
> Well, if the 'apt-get update && apt-get upgrade' wrapper doesn't take
> any input and resets the environment (is there anything else it
> should take care of?) then even if called by the cracker it wouldn't
> do anything else than upgrade the system the same way upgrades were
> happening anyway before the breakin. (Ok, there may be an issue with
> the changing inode numbers lids is depending upon and which would not
> get updated immediately after upgrading software.)
what if the attacker can poisen your DNS, or routing tables? then he
can trick apt into downloading his 37337 `security update' (more like
unsecurity update heh)
> And/or if I install a special shell binary that has capabilities to
> access the whole filesystem, but exits immediately unless called by
> sshd, then system administrators still can just login as root and do
> what they are used to do, without risking a hacker using the same
> tool because he (probably) didn't use sshd to gain access to the
> machine. (Of course, this requires 1. sshd not having a problem, and
> 2. making sure depending files like /etc/shadow, pam etc are
> protected, but that's what lids people propagate anyway).
>
> Am I wrong?
get root, run passwd root, ssh in.
> Of course if lids in fact can't deny access to disk devices then
> probably all is lost...
lids can, it adds new capabilities or else modifies one of the
existing ones. (at least last i read the FAQ that seemed to be
implyed).
--
Ethan Benson
http://www.alaska.net/~erbenson/
PGP signature
