On Sun, 18 Apr 2010 08:29:37 +1000
Lie Ryan wrote:
> sudoedit is mainly just a shortcut for "sudo $EDITOR" (plus doing a few
> things).
sudoedit is safer then sudo because sudoedit runs as root but nano (The editor)
runs as your user.
sudoedit uses a fixed path which is compiled into the program (The was a thread
about changing the editor on this mailing some time ago. ).
> Everything above (su,sudo,policykit,polkit) are just sugar for
> permission bits (owner,group,others+SUID,GUID); attempting to give finer
> control over the permissions or provide convenience services.
Mess up the configuration and you may as well hand out the root password.
> The basis of all Linux security scheme is the file permission bits
> (owner,group,other) and the SUID/GUID bit (ACL is a distinct security
> scheme, so we're explicitly excluding it here). Everything else is just
> sugar. If you want to lock everything, just remove the SUID/GUID-bit
> from all executables in your system (except for a select few) and remove
> all groups (make sure you know what you're doing though, lots of program
> won't work if you really do that). Starting from step zero, you can have
> very fine control over everything.
I just checked my system for files not owned by me and had a non root group set
to rw.
I found "/usr/share/games/eternal-lands" with rw set and all the sub-folders
and files.
It would be very easy to do a DOS attack on a system side partition but then
again
the same could be said about "/tmp".
If you setup quotas for the users home folder. Ones the home folder is full the
user will look for another place to save they files.
When I was at school. A kid ran out of space so he started to move his files to
the recycling bin, before creating
his new files. Of course the recycling bin had no quota nor was it backed up.
Some time after that the admin set a quota on the recycling bin and the kid
asked why he could not save.
So I showed him how to empty his recycling bin. I was 10 second away from
deleting all his work
before he pointed out he keeps his work in there!
That was some fun on windows but it could happen with Linux "/tmp" is wiped
after each reboot and any
other places that is not backed up, does not have quota and the user can write
to.
> Most security holes in Linux comes from a SUID program that lets
> untrusted programs into the "trusted-space".
53 SUID or GUID programs on my system!
Why does cdrecord have SUID set?
"/dev/sr0" is in the cdrom group with rw set so
SUID should not be needed in the first place.
> If you want simplify your environment, you can clear all the `group` and
> `other` permission bits from all files in your computer and everyone
> (except root) will only have access to files they own. Then you can
> start adding permissions on case-by-case basis. Too much hassle though,
> I think.
I could remove other from all the SUID programs then setup a ACL group that
could run then.
That would stop RandomFool from running then in the first place.
I could see that being useful for say "mount" (Yes it's has SUID set). If the
was security hole in it.
> the only way the program can chmod a file in your home folder is because
> the program have the permission to chmod a file in your home folder. The
> only program that have permission to chmod a file in your home folder is
> the one run with EUID-root or EUID-owner. The only way a program can be
> run with EUID root is they are executed by root himself or a SUID-root
> program. The only way a program can be run with EUID owner is SUID-owner
> program or program executed by the owner himself.
What does the E in EUID stand for?
I did a quick Google and found RUID and EUID but I did not find anything else.
> However, I don't think buggy program is the case here. It is much more
> likely that you accidentally runs chmod on your home folder when you
> actually want to run it in another directory.
No, this was before I used chmod for anything (read noob) I set the permissions
back with nautilus
but after each login or was reboot and login. The permissions got set back to
o+rwx.
The was a very help error box at login that said "The permissions for your home
folder are set wrong.".
That was the helpful version the real version was talking about some file in
"~/.config".
> You can use this to find all SUID program accesible by your user:
> find / -perm -u+s -exec ls -l '{}' \; 2> /dev/null
Yes, I have being making use of this page
http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap=6
for a long time.
> I found sudo, although very handy for desktop, is a huge security hole.
> And is inadequate for any secure system. This is simply because if you
> run a program as sudo, then in the next five minute you start a
> malicious program *without* sudo; the malicious program can gain root
> access by stealing your previous sudo's timestamp (yes, it can steal the
> timestamp without being explicitly invoked with sudo[1]). Before
