Re: [expert] Security or lack thereof

2003-07-01 Thread Vincent Danen
On Mon Jun 30, 2003 at 08:47:48PM -0700, Jack Coates wrote:

> > > > > homedirs... I wonder why it decided that read/execute perms
> > > > > was an ok thing to do.
> > > > 
> > > > My mistake.  I had msec level 2 on my workstation which is
> > > > why it was read/execute perms.  Changing to level 3 gives
> > > > back the appropriate homedir perms.
> > > 
> > > This sounds a lot like that root window situation of mine recently. ;) 
> > > 
> > 
> > Sorta... =)  I thought for sure I was using msec 3 since that's what I
> > always use.  Not sure why I had msec 2 on that machine.  Weird.
> 
> Betcha you'd upgraded from 9.0 to 9.1, because I just found out from
> today's festivities that both of the machines I've done it on are now
> at msec 2.

No, it was a fresh install.  I don't do upgrades.  =)  Maybe msec 2 is the
default and I just never changed it.

-- 
MandrakeSoft Security; http://www.mandrakesecure.net/
Online Security Resource Book; http://linsec.ca/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD}





Re: [expert] Security or lack thereof

2003-07-01 Thread Vox
On September 1993 plus 3590 days [EMAIL PROTECTED] wrote:

> On Mon, 30 Jun 2003, Vincent Danen wrote:
>
>> This was done, IIRC, to allow people to have a ~/public_html/ directory and
>> allow apache to enter the home directory so as to read ~/public_html/ (which
>> would allow someone to do something like http://yoursite.com/~preador/).
>> That's pretty much the reasoning for it IIRC.
>> nothing stopping you from doing a higher security level or modifying the
>> defaults.
>
> I always created a symlink in the user's home directory such as ln -s
> /var/www/html/user /home/user/(public_html|html|www|whatever).  I always
> thought that was a rather useful solution, but I'm open to
> criticism.

  The real problem with that is that you have to a) specifically give
  each user a web space when they request it and b) write perms inside
  your /var partition...and I really really *really* hate to give
  write perms to anybody in my /var partition/disk

  Vox the paranoid

-- 
Think of the Linux community as a niche economy isolated by its beliefs.  Kind
of like the Amish, except that our religion requires us to use _higher_
technology than everyone else.   -- Donald B. Marti Jr.




Re: [expert] Security or lack thereof

2003-07-01 Thread chort
On Mon, 30 Jun 2003, Vincent Danen wrote:

> This was done, IIRC, to allow people to have a ~/public_html/ directory and
> allow apache to enter the home directory so as to read ~/public_html/ (which
> would allow someone to do something like http://yoursite.com/~preador/).
> That's pretty much the reasoning for it IIRC.
> nothing stopping you from doing a higher security level or modifying the
> defaults.

I always created a symlink in the user's home directory such as ln -s
/var/www/html/user /home/user/(public_html|html|www|whatever).  I always
thought that was a rather useful solution, but I'm open to criticism.

-- 
-chort
AKA Brian Keefer
The thoughts I express are generally piped from /dev/random,
needless to say they do not represent my fine employer:
CipherTrust, Inc - www.ciphertrust.com

Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com


Re: [expert] Security or lack thereof

2003-06-30 Thread Jack Coates
On Mon, 2003-06-30 at 20:47, Jack Coates wrote:
...
> Betcha you'd upgraded from 9.0 to 9.1, because I just found out from
> today's festivities that both of the machines I've done it on are now
> at msec 2.

oops, spoke too soon -- only one of those actually changed its level.
-- 
Jack Coates
Monkeynoodle: A Scientific Venture...
http://www.monkeynoodle.org/resume.html




Re: [expert] Security or lack thereof

2003-06-30 Thread Jack Coates
On Mon, 2003-06-30 at 16:38, Vincent Danen wrote:
> On Mon Jun 30, 2003 at 01:11:34PM -0700, Lyvim Xaphir wrote:
> 
> > > > homedirs... I wonder why it decided that read/execute perms
> > > > was an ok thing to do.
> > > 
> > > My mistake.  I had msec level 2 on my workstation which is
> > > why it was read/execute perms.  Changing to level 3 gives
> > > back the appropriate homedir perms.
> > 
> > This sounds a lot like that root window situation of mine recently. ;) 
> > 
> 
> Sorta... =)  I thought for sure I was using msec 3 since that's what I
> always use.  Not sure why I had msec 2 on that machine.  Weird.

Betcha you'd upgraded from 9.0 to 9.1, because I just found out from
today's festivities that both of the machines I've done it on are now
at msec 2.
-- 
Jack Coates
Monkeynoodle: A Scientific Venture...
http://www.monkeynoodle.org/resume.html




Re: [expert] Security or lack thereof

2003-06-30 Thread Vincent Danen
On Mon Jun 30, 2003 at 01:11:34PM -0700, Lyvim Xaphir wrote:

> > > homedirs... I wonder why it decided that read/execute perms
> > > was an ok thing to do.
> > 
> > My mistake.  I had msec level 2 on my workstation which is
> > why it was read/execute perms.  Changing to level 3 gives
> > back the appropriate homedir perms.
> 
> This sounds a lot like that root window situation of mine recently. ;) 
> 

Sorta... =)  I thought for sure I was using msec 3 since that's what I
always use.  Not sure why I had msec 2 on that machine.  Weird.

-- 
MandrakeSoft Security; http://www.mandrakesecure.net/
Online Security Resource Book; http://linsec.ca/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD}





Re: [expert] Security or lack thereof

2003-06-30 Thread Vincent Danen
On Mon Jun 30, 2003 at 02:12:35PM -0500, Praedor Atrebates wrote:

> > > at all.  I went into DrakConf and set the security level to "high" and
> > > this fixed the horrific insecurity of the default setup, but it also
> > > unfortunately fired up shorewall with settings that prevented me from
> > > being able to access the system remotely
> 
> I see...but is it really a good idea to permit execute perms to any and 
> sundry?  I used to think that if there were a linux virus/worm to be 
> concerned about that the worst that could happen under normal circumstances 
> is that a user who received and executed a viral script  would possibly trash 
> his own home and that's it.  Now I see that this is not accurate...ALL users 
> could trash their homes by executing a bad script/executable in ANY infected 
> user's home.  The default setup makes this possible...and most users 
> won't bother (or think to bother) to change home perms.

I don't think you understand the relevance of the execute bit on a directory
versus on a file.  On a directory, execute permissions let you into the
directory.  That's it.  It doesn't allow you to execute stuff in the
directory, it doesn't allow you to get the directory contents, and it
doesn't allow you to write to the directory.

For all intents and purposes, you can do a cd ~vdanen and see, touch, etc.
absolutely nothing unless those permissions provided it *and* you know what
you're looking for.  This is why it's used when people do the ~/public_html/
bit.  apache needs to get into ~/ in order to get into ~/public_html.
Giving it the ability to do so is not, by itself, a security flaw.

-- 
MandrakeSoft Security; http://www.mandrakesecure.net/
Online Security Resource Book; http://linsec.ca/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD}





Re: [expert] Security or lack thereof

2003-06-30 Thread Bill Mullen
On Mon, 30 Jun 2003, Praedor Atrebates wrote:

> I see...but is it really a good idea to permit execute perms to any and
> sundry?  I used to think that if there were a linux virus/worm to be
> concerned about that the worst that could happen under normal
> circumstances is that a user who received and executed a viral script
> would possibly trash his own home and that's it.  Now I see that this is
> not accurate...ALL users could trash their homes by executing a bad
> script/executable in ANY infected user's home.  The default setup makes
> this possible...and most users won't bother (or think to bother) to
> change home perms.

But "execute" permissions on a /directory/ only affect the ability of the
user/group-member/other to cd _into_ that directory - they have no bearing
on the executability of the *files* therein, which must have their execute
permissions set (for that level of user) in order to be runnable by them.

-- 
Bill Mullen   [EMAIL PROTECTED]   MA, USA   RLU #270075   MDK 8.1 & 9.0
The engineer is neither optimist nor pessimist. He sees the proverbial
half-full/empty glass and says, "The glass is twice as big as there is
any need for it to be."



Re: [expert] Security or lack thereof

2003-06-30 Thread Lyvim Xaphir


--- Vincent Danen <[EMAIL PROTECTED]> wrote:

> > homedirs... I wonder why it decided that read/execute perms
> > was an ok thing to do.
> 
> My mistake.  I had msec level 2 on my workstation which is
> why it was read/execute perms.  Changing to level 3 gives
> back the appropriate homedir perms.
> 

This sounds a lot like that root window situation of mine recently. ;) 


--LX



__
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com



Re: [expert] Security or lack thereof

2003-06-30 Thread Praedor Atrebates

> > at all.  I went into DrakConf and set the security level to "high" and
> > this fixed the horrific insecurity of the default setup, but it also
> > unfortunately fired up shorewall with settings that prevented me from
> > being able to access the system remotely

I see...but is it really a good idea to permit execute perms to any and 
sundry?  I used to think that if there were a linux virus/worm to be 
concerned about that the worst that could happen under normal circumstances 
is that a user who received and executed a viral script  would possibly trash 
his own home and that's it.  Now I see that this is not accurate...ALL users 
could trash their homes by executing a bad script/executable in ANY infected 
user's home.  The default setup makes this possible...and most users 
won't bother (or think to bother) to change home perms.

praedor

On Monday 30 June 2003 01:10 pm, Vincent Danen wrote:
> On Mon Jun 30, 2003 at 12:46:00PM -0500, Praedor Atrebates wrote:
> > > > For the first time I added a couple more users to my home system.  Up
> > > > 'til now I was the only user.  I found that the default
> > > > behavior/security (not) setting allowed all users to access all other
> > > > user's home directories.  No limits!  What is this?!  That is the
> > > > same as no security
> >
> > [...]
> >
> > > 1) Mandrake Control Center
> > > 2) Security
> > > 3) Security Permissions
> > > 4) Choose "editable" from the drop down box
> > > 5) Add /home/* with the permissions you want.
> > >
> > > Next time msec runs, it will reset the permissions on the /home/*
> > > directories. And you won't need the higher security level (with
> > > shorewall).
> >
> > Danka.  This nonetheless begs the question...why should this even be
> > necessary?  By this I mean why should it be necessary to actively alter
> > default settings so that all users don't have access to each other's home
> > dirs?  I am not really faulting Mandrake here (unless their default
> > settings and perms are more lenient than other distro defaults).  To my
> > thinking, the default should never be to permit even read access to
> > another's home. There's no call for that unless some  user decides
> > to give other people access to his/her home dir.  This accessibility
> > should be a no-no by default regardless of distro.
>
> This was done, IIRC, to allow people to have a ~/public_html/ directory and
> allow apache to enter the home directory so as to read ~/public_html/
> (which would allow someone to do something like
> http://yoursite.com/~preador/). That's pretty much the reasoning for it
> IIRC.  That being said, there is nothing stopping you from doing a higher
> security level or modifying the defaults.
>
> I also believe that a user can enter another user's home dir but will get a
> permission denied if they do an ls.  Other permissions protect the files in
> the homedir.  The homedir should have execute-only perms.  But, taking a
> quick look, it seems that is not the case.  H.
>
> That does kind of suck.  msec used to do execute-only perms on homedirs...
> I wonder why it decided that read/execute perms was an ok thing to do.
>
> I'll see if I can't find out.

-- 
Not a single 9/11 terrorist came from Iraq, nor did a single one train in 
Iraq. Iraq had NOTHING to do with 9/11.


Re: [expert] Security or lack thereof

2003-06-30 Thread David James

> 
> I also believe that a user can enter another user's home dir but will get a
> permission denied if they do an ls.  Other permissions protect the files in
> the homedir.  The homedir should have execute-only perms.  But, taking a
> quick look, it seems that is not the case.  H.
> 
> That does kind of suck.  msec used to do execute-only perms on homedirs... I
> wonder why it decided that read/execute perms was an ok thing to do.
> 
> I'll see if I can't find out.

This behaviour was also in Mandrake 9.0 or the one before that, I
believe. I remember reading it in a newsgroup and being very surprised;
Mandrake should tighten the permissions up regarding users.

dave




Re: [expert] Security or lack thereof

2003-06-30 Thread Vincent Danen
On Mon Jun 30, 2003 at 12:10:00PM -0600, Vincent Danen wrote:

[...]
> I also believe that a user can enter another user's home dir but will get a
> permission denied if they do an ls.  Other permissions protect the files in
> the homedir.  The homedir should have execute-only perms.  But, taking a
> quick look, it seems that is not the case.  H.
> 
> That does kind of suck.  msec used to do execute-only perms on homedirs... I
> wonder why it decided that read/execute perms was an ok thing to do.

My mistake.  I had msec level 2 on my workstation which is why it was
read/execute perms.  Changing to level 3 gives back the appropriate homedir
perms.

-- 
MandrakeSoft Security; http://www.mandrakesecure.net/
Online Security Resource Book; http://linsec.ca/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD}





Re: [expert] Security or lack thereof

2003-06-30 Thread Lyvim Xaphir


--- Vincent Danen <[EMAIL PROTECTED]> wrote:

> > There's no call for that unless some  user decides
> > to give other people access to his/her home dir.  This
> > accessibility should be a no-no by default regardless of
> > distro.  
> 
> This was done, IIRC, to allow people to have a ~/public_html/
> directory and allow apache to enter the home directory so as
> to read ~/public_html/ (which would allow someone to do
> something like http://yoursite.com/~preador/).
> That's pretty much the reasoning for it IIRC.  That being
> said, there is nothing stopping you from doing a higher
> security level or modifying the defaults.
> 
> I also believe that a user can enter another user's home dir
> but will get a permission denied if they do an ls.  Other
> permissions protect the files in the homedir.  The homedir
> should have execute-only perms.  But, taking a quick look, it
> seems that is not the case.  H.
> 
> That does kind of suck.  msec used to do execute-only perms
> on homedirs... I wonder why it decided that read/execute
> perms was an ok thing to do.
> 
> I'll see if I can't find out.
> 

Yes, this does sound serious.  Haven't run into difficulties yet, but I
would like to fix this on my system here when you find out what's going
on.

You da man, Vincent! :)

--LX





Re: [expert] Security or lack thereof

2003-06-30 Thread Vincent Danen
On Mon Jun 30, 2003 at 12:46:00PM -0500, Praedor Atrebates wrote:

> > > For the first time I added a couple more users to my home system.  Up
> > > 'til now I was the only user.  I found that the default behavior/security
> > > (not) setting allowed all users to access all other user's home
> > > directories.  No limits!  What is this?!  That is the same as no security
> [...]
> > 1) Mandrake Control Center
> > 2) Security
> > 3) Security Permissions
> > 4) Choose "editable" from the drop down box
> > 5) Add /home/* with the permissions you want.
> >
> > Next time msec runs, it will reset the permissions on the /home/*
> > directories. And you won't need the higher security level (with
> > shorewall).
> 
> Danka.  This nonetheless begs the question...why should this even be 
> necessary?  By this I mean why should it be necessary to actively alter 
> default settings so that all users don't have access to each other's home 
> dirs?  I am not really faulting Mandrake here (unless their default settings 
> and perms are more lenient than other distro defaults).  To my thinking, the 
> default should never be to permit even read access to another's home.  
> There's no call for that unless some  user decides to give other 
> people access to his/her home dir.  This accessibility should be a no-no by 
> default regardless of distro.  

This was done, IIRC, to allow people to have a ~/public_html/ directory and
allow apache to enter the home directory so as to read ~/public_html/ (which
would allow someone to do something like http://yoursite.com/~preador/).
That's pretty much the reasoning for it IIRC.  That being said, there is
nothing stopping you from doing a higher security level or modifying the
defaults.

I also believe that a user can enter another user's home dir but will get a
permission denied if they do an ls.  Other permissions protect the files in
the homedir.  The homedir should have execute-only perms.  But, taking a
quick look, it seems that is not the case.  H.

That does kind of suck.  msec used to do execute-only perms on homedirs... I
wonder why it decided that read/execute perms was an ok thing to do.

I'll see if I can't find out.

-- 
MandrakeSoft Security; http://www.mandrakesecure.net/
Online Security Resource Book; http://linsec.ca/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD}





Re: [expert] Security or lack thereof

2003-06-30 Thread Praedor Atrebates

On Monday 30 June 2003 10:31 am, Robert W. wrote:
> On Sun, 2003-06-29 at 19:53, Praedor Atrebates wrote:
> > For the first time I added a couple more users to my home system.  Up
> > 'til now I was the only user.  I found that the default behavior/security
> > (not) setting allowed all users to access all other user's home
> > directories.  No limits!  What is this?!  That is the same as no security
[...]
> 1) Mandrake Control Center
> 2) Security
> 3) Security Permissions
> 4) Choose "editable" from the drop down box
> 5) Add /home/* with the permissions you want.
>
> Next time msec runs, it will reset the permissions on the /home/*
> directories. And you won't need the higher security level (with
> shorewall).

Danka.  This nonetheless begs the question...why should this even be 
necessary?  By this I mean why should it be necessary to actively alter 
default settings so that all users don't have access to each other's home 
dirs?  I am not really faulting Mandrake here (unless their default settings 
and perms are more lenient than other distro defaults).  To my thinking, the 
default should never be to permit even read access to another's home.  
There's no call for that unless some  user decides to give other 
people access to his/her home dir.  This accessibility should be a no-no by 
default regardless of distro.  

praedor
-- 
Not a single 9/11 terrorist came from Iraq, nor did a single one train in 
Iraq. Iraq had NOTHING to do with 9/11.


Re: [expert] Security or lack thereof

2003-06-30 Thread Robert W.
On Sun, 2003-06-29 at 19:53, Praedor Atrebates wrote:
> For the first time I added a couple more users to my home system.  Up 'til now 
> I was the only user.  I found that the default behavior/security (not) 
> setting allowed all users to access all other user's home directories.  No 
> limits!  What is this?!  That is the same as no security at all.  I went into 
> DrakConf and set the security level to "high" and this fixed the horrific 
> insecurity of the default setup, but it also unfortunately fired up shorewall 
> with settings that prevented me from being able to access the system remotely 

1) Mandrake Control Center
2) Security
3) Security Permissions
4) Choose "editable" from the drop down box
5) Add /home/* with the permissions you want.

Next time msec runs, it will reset the permissions on the /home/*
directories. And you won't need the higher security level (with
shorewall).

-- 
Robert W.
[EMAIL PROTECTED]

"It is done.  I am the Alpha and the Omega, the
Beginning and the End." -- Revelations 21:6




Re: [expert] Security or lack thereof

2003-06-30 Thread Jack Coates
Yes, Sympa sucks... but... I'm afraid I don't know what you're talking
about on the other thing. These two are both upgrades from 9.0:
[EMAIL PROTECTED] jack]$ grep home /usr/share/msec/perm.3
/home/  root.root   755
/home/* current 711
[EMAIL PROTECTED] jack]$ grep home /usr/share/msec/perm.3
/home/  root.root   755
/home/* current 711

This one is a fresh install:
[EMAIL PROTECTED] root]# grep home /usr/share/msec/perm.3
/home/  root.root   755
/home/* current 711

Oh, I see -- when ls'ing the home directory, it's clear that the default
umask was picked up at directory creation.
[EMAIL PROTECTED] root]# grep umask /etc/profile
umask 022

So others can read files that are known to exist. Others cannot browse
into the directory and look for unknown files though.

On Sun, 2003-06-29 at 17:53, Praedor Atrebates wrote:
> 
> I don't have much hope that this message will actually make it to the list but 
> what the hell (I haven't seen a single message all weekend...AGAIN...I think 
> I will drop off the list, it is too broken to be of any more use).
> 
> For the first time I added a couple more users to my home system.  Up 'til now 
> I was the only user.  I found that the default behavior/security (not) 
> setting allowed all users to access all other user's home directories.  No 
> limits!  What is this?!  That is the same as no security at all.  I went into 
> DrakConf and set the security level to "high" and this fixed the horrific 
> insecurity of the default setup, but it also unfortunately fired up shorewall 
> with settings that prevented me from being able to access the system remotely 
> - I often connect my laptop via ethernet (crossover cable) to my desktop and 
> transfer files, fix things that have frozen or broken on the desktop, etc.  I 
> found that I could no longer ssh into my desktop when I really needed to in 
> order to correct an X freeze up.  Unfortunately, because I couldn't get in I 
> had to hard reboot.  
>   So...what is the deal with default (medium?) security settings in Mandrake 
> 9.1 allowing all users to access all other user's home directories?  This is 
> windoze behavior for gawds sake.  Then, why would it be necessary to block 
> all ssh connections - a secure shell, after all, with the next higher setting 
> (required to get home directories cordoned off from prying user eyes)?
> 
> praedor
> -- 
> The First Amendment rests on the assumption that the widest possible
> dissemination of information from diverse and antagonistic sources is 
> essential to the welfare of the public.
> --Justice Hugo Black
> 
> GnuPG fingerprint:
> D170 2A02 B426 6AA0 5E68  3EDC 68AA FDB0 961E 4F18
-- 
Jack Coates
Monkeynoodle: A Scientific Venture...
http://www.monkeynoodle.org/resume.html
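
The directory-permission points made in this thread (execute on a directory only lets others traverse it; perm.3 sets /home/* to 711 while umask 022 leaves the files inside world-readable) can be checked with a small audit script. This is an added example, not code from any poster or from msec; the function names, the report format and the sample tree built under a temporary directory are constructed for illustration, and GNU stat is assumed.

```sh
#!/bin/sh
# Added example: compare each home directory's mode with a policy mode
# (e.g. the 711 from "/home/* current 711") and report what "other" may do.
# other_access, audit_homes and demo are names made up for this example.
# Assumes GNU stat (stat -c %a).

# Map the "other" digit of a directory mode to its practical meaning.
#   x (1): enter the directory and open entries whose names are already known
#   r (4): list entry names
#   w (2): create/delete/rename entries, but only together with x
other_access() {
    case "${1#"${1%?}"}" in          # last octal digit of the mode
        0|2) echo "none" ;;          # a write bit without x is unusable
        1)   echo "traverse" ;;
        3)   echo "traverse+modify" ;;
        4|6) echo "list-names" ;;    # names only; entries cannot be opened
        5)   echo "list+traverse" ;;
        7)   echo "list+traverse+modify" ;;
        *)   echo "unknown" ;;
    esac
}

# audit_homes BASE POLICY_MODE
# One line per directory under BASE: name, mode, access for "other", number
# of regular files directly inside with the other-read bit, and whether the
# mode equals POLICY_MODE. World-readable files only matter when "other" can
# traverse the directory: that is the "known to exist" case from the thread.
audit_homes() {
    base=$1
    want=$2
    for dir in "$base"/*/; do
        dir=${dir%/}
        if [ ! -d "$dir" ] || [ -L "$dir" ]; then
            continue                 # skip non-directories and symlinks
        fi
        mode=$(stat -c %a "$dir")
        exposed=$(find "$dir" -maxdepth 1 -type f -perm -004 | wc -l | tr -d ' ')
        if [ "$mode" = "$want" ]; then
            verdict="matches-policy"
        else
            verdict="differs"
        fi
        printf '%s mode=%s other=%s world_readable_files=%s %s\n' \
            "${dir##*/}" "$mode" "$(other_access "$mode")" "$exposed" "$verdict"
    done
}

# Constructed sample tree: three "homes" created under umask 022, then set to
# the modes discussed in the thread (711, 755) plus a fully private 700.
demo() {
    tmp=$(mktemp -d)
    (
        umask 022
        for u in alice bob carol; do
            mkdir "$tmp/$u"
            echo "notes" > "$tmp/$u/notes.txt"
        done
    )
    chmod 711 "$tmp/alice"
    chmod 755 "$tmp/bob"
    chmod 700 "$tmp/carol"
    audit_homes "$tmp" 711
    rm -rf "$tmp"
}

demo
```

On a real system, run audit_homes /home 711 as root so that find can look inside every directory.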




[expert] Security or lack thereof

2003-06-30 Thread Praedor Atrebates

I don't have much hope that this message will actually make it to the list but 
what the hell (I haven't seen a single message all weekend...AGAIN...I think 
I will drop off the list, it is too broken to be of any more use).

For the first time I added a couple more users to my home system.  Up 'til now 
I was the only user.  I found that the default behavior/security (not) 
setting allowed all users to access all other user's home directories.  No 
limits!  What is this?!  That is the same as no security at all.  I went into 
DrakConf and set the security level to "high" and this fixed the horrific 
insecurity of the default setup, but it also unfortunately fired up shorewall 
with settings that prevented me from being able to access the system remotely 
- I often connect my laptop via ethernet (crossover cable) to my desktop and 
transfer files, fix things that have frozen or broken on the desktop, etc.  I 
found that I could no longer ssh into my desktop when I really needed to in 
order to correct an X freeze up.  Unfortunately, because I couldn't get in I 
had to hard reboot.  
  So...what is the deal with default (medium?) security settings in Mandrake 
9.1 allowing all users to access all other user's home directories?  This is 
windoze behavior for gawds sake.  Then, why would it be necessary to block 
all ssh connections - a secure shell, after all, with the next higher setting 
(required to get home directories cordoned off from prying user eyes)?

praedor
-- 
The First Amendment rests on the assumption that the widest possible
dissemination of information from diverse and antagonistic sources is 
essential to the welfare of the public.
--Justice Hugo Black

GnuPG fingerprint:
D170 2A02 B426 6AA0 5E68  3EDC 68AA FDB0 961E 4F18