Ingo Luetkebohle wrote:
>
> On Tue, Jan 23, 2001 at 09:02:40PM +0100, Jean Francois Martinez wrote:
> > _structurally_ unsecure like sendmail? By structurally unsecure I
> > mean big setuid root program. The more code you have running setuid
> > root the greater the chances a bug will have catastrophic
> You are actually making two assumptions here:
> 1) replacing the application will solve the problem
> 2) it isn't possible, or worthwhile, to fix the problems because
> of problems with the overall architecture of an application
>
> Assumption 1) has been heavily contested by other posters, especially
> with regard to proftpd. I second that.
>
> Assumption 2) is common with security folks who like 'clean' solutions
> (for obvious, and mostly good reasons). I personally don't regard it
> as a really good idea for the long-term, though. Obviously, one reason
> is the associated administrative cost which is not to be disregarded
> lightly -- many security problems are the result of overworked
> administrators and adding to their workload isn't really going to
> improve matters.
Won't the new capibilities settings in the kernel
fix a lot of this? Programs won't need FULL root
access, just the capabilitied necessary to do their
work. Try, It'll tak time for this to be implemented in
all apps, but the big ones with the most to gain buy
using it are also the ones that need it most, so they'll
be first to switch.
-Thomas
_______________________________________________
Redhat-devel-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-devel-list
