On Tue, 2003-03-04 at 19:05, Daniel Carrera wrote:
> On Tue, Mar 04, 2003 at 04:38:24PM -0600, Alec Berryman wrote:
> >
> > > Now, here is my idea. Create a third user, 'admin'. Add 'admin' to the
> > > 'wheel' group instead of dcarrera, but give admin the ability to install
> > > regular packages. In other words, admin would have write access to /usr.
> > >
> > > So, when I want to install a regular package I would su to admin. And
> > > when I need to do something more (like modify /etc, /boot, /bin, etc) I
> > > would su again to become root.
> >
> > Yes and no. The problem comes when a program tries to install
> > system-wide settings to /etc. Everything from metalog to prozilla does
> > this. Gentoo doesn't do much with installing into /usr/local, but you
> > might want to investigate that if you are doing manual compilation.
>
> Are all system-wide settings in a particular directory? (e.g.
> /etc/settings). If so, could I then create 'admin' and give him write
> access to /usr and - say - /etc/settings ? Would that be a good idea?
> (from the point of view of security).

Almost all system-wide settings are in /etc. The only notable exception I can think of off the top of my head is grub (in /boot/grub).

From a security standpoint, I can't see that an 'admin' account would provide much of a security boost at all over normal root. If someone gets a hold of the 'admin' account, they can still wreak havoc on your computer by wiping important config files and the programs themselves. It's simply another point of failure. You'll still need to have root access to install lots of programs that need access to /var (like an MTA or logger), and you'll end up with a lot of confusing permissions.

Check out the Gentoo Security Guide (http://www.gentoo.org/doc/en/gentoo-security.xml). Also check out sudo - it might be a lot of what you're looking for. In Gentooland, test out the new userpriv settings. I don't think an 'admin' account is what you're looking for.

> > Protecting /boot is equally as easy - make it a separate, small
> > partition and don't allow write access - or don't even mount it.
>
> Do I need /boot mounted to boot the system?
> Can I just comment out the '/boot ...' line in /etc/fstab?

You'll need an actual primary partition, preferably ext2, suggested size ~10MB. You can then uncomment that line in /etc/fstab after changing filesystem type and hard drive letter/number, move your current /boot to another directory, mount your new /boot as read/write (-o rw), copy files, and adjust your /boot/grub/menu.lst or /boot/grub/grub.conf.

Good luck. Apologies for sending directly to your e-mail and not to the list. I also posted this message to gentoo-security - you might get a better answer there.

-- 
Alec Berryman <[EMAIL PROTECTED]>
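
An added example, not part of the original message: a small check for the /boot advice in the reply above (separate partition, kept read-only or unmounted). It reads an fstab-format file and a /proc/mounts-format file; the function names are hypothetical and the device names in the sample data are constructed.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Classify the /boot entry of an fstab-format file.
# Prints: missing | noauto | read-only | writable
boot_fstab_status() {
    awk '
        $1 ~ /^#/ || NF < 4 { next }   # commented-out or incomplete entries
        $2 == "/boot" {
            found = 1
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) {
                if (opt[i] == "noauto") noauto = 1
                if (opt[i] == "ro") ro = 1
            }
        }
        END {
            if (!found)      print "missing"
            else if (noauto) print "noauto"
            else if (ro)     print "read-only"
            else             print "writable"
        }
    ' "${1:-/etc/fstab}"
}

# Report the live state of /boot from a /proc/mounts-format file.
# Prints: unmounted | ro | rw   (the last matching line wins)
boot_mount_status() {
    awk '
        $2 == "/boot" {
            state = "rw"
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) if (opt[i] == "ro") state = "ro"
        }
        END { print (state == "" ? "unmounted" : state) }
    ' "${1:-/proc/mounts}"
}

# Constructed sample data; device names are assumptions.
tmp=$(mktemp -d)
printf '%s\n' '/dev/hda1 /boot ext2 noauto,noatime 1 2' \
              '/dev/hda3 /     ext3 noatime        0 1' > "$tmp/fstab"
printf '%s\n' '/dev/hda3 / ext3 rw,noatime 0 0' > "$tmp/mounts"
echo "fstab entry: $(boot_fstab_status "$tmp/fstab")"    # noauto
echo "live state:  $(boot_mount_status "$tmp/mounts")"   # unmounted
rm -rf "$tmp"
```

Called with no arguments, both functions read the real /etc/fstab and /proc/mounts; a "writable" or "rw" result means /boot is still open to modification during normal operation.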