Re: thoughts about a hint.

2005-09-29 Thread Simon Geard
On Wed, 2005-09-28 at 09:48 -0400, Tushar Teredesai wrote: > On 9/28/05, Simon Geard <[EMAIL PROTECTED]> wrote: > > Doesn't matter. If a malicious package can already install to > > directories in $PATH, it can replace or override an existing program > > already being run by the scripts you're tryi

Re: thoughts about a hint.

2005-09-28 Thread Tushar Teredesai
On 9/28/05, Simon Geard <[EMAIL PROTECTED]> wrote: > Doesn't matter. If a malicious package can already install to > directories in $PATH, it can replace or override an existing program > already being run by the scripts you're trying to secure. > > For instance, one of the first things /etc/rc.d/i

Re: thoughts about a hint.

2005-09-28 Thread Luca Dionisi
> > Doesn't matter. If a malicious package can already install to > directories in $PATH, it can replace or override an existing program > already being run by the scripts you're trying to secure. > > For instance, one of the first things /etc/rc.d/init.d/rc does is run > 'stty sane'. Replace the

Re: thoughts about a hint.

2005-09-28 Thread Simon Geard
On Wed, 2005-09-28 at 09:38 +0200, Luca Dionisi wrote: > The security benefit is on the fact that when you run the > executable as a normal user (since it can't be a root suid executable) > it runs as an unprivileged process. > If the executable goes to the /etc/rc.d/rc[1..5] ... directories, > on

Re: thoughts about a hint.

2005-09-28 Thread Luca Dionisi
Well, your POV is not wrong. On 9/28/05, Tushar Teredesai <[EMAIL PROTECTED]> wrote: > Yep, what is the security benefit when the malicious package can > already install executables to the standard PATH? The security benefit is on the fact that when you run the executable as a normal user (since

Re: thoughts about a hint.

2005-09-27 Thread Tushar Teredesai
On 9/27/05, Luca Dionisi <[EMAIL PROTECTED]> wrote: > Let's say you are about to install a package. Actually it is > a malicious package... but you don't know this. > If the install script (when you run it as a privileged user) > puts a bootscript in /etc/rc.d/... and you don't realize that, > at t

Re: thoughts about a hint.

2005-09-27 Thread Luca Dionisi
It's me again. Just a thing... I'm not sure that I said the right thing in english. On 9/27/05, Luca Dionisi <[EMAIL PROTECTED]> wrote: > Well, on the other hand, you may not allow any package > user to install files on /etc/rc.d I mean, on the other hand, you may allow no package users to insta

Re: thoughts about a hint.

2005-09-27 Thread Luca Dionisi
On 9/27/05, Tushar Teredesai <[EMAIL PROTECTED]> wrote: > > Seems a very trivial extension of the current pkg-user hint. > Yep, indeed it's not a great deal! :) > Also, I fail to understand what the benefit is with this extension. > You are already giving the pkg user privilege to install files

Re: thoughts about a hint.

2005-09-26 Thread Tushar Teredesai
On 9/26/05, Luca Dionisi <[EMAIL PROTECTED]> wrote: > It is a little enhancement on the hint of Matthias S. Benkmann > on the use of "package users" instead of root when installing > packages. > It is about the use of another group, similar to "install", with the > directories /etc/rc.d/... > I fou