Re: Bits from the release team: the plans for etch
* Stephen Frost (sfrost@snowman.net) [051026 20:13]:
> * Thomas Bushnell BSG (tb@becket.net) wrote:
> > Stephen Frost <sfrost@snowman.net> writes:
> > > Same way you know that the system administrator hasn't modified a file
> > > in /usr/bin.
> >
> > Um, I know that by comparing the contents against a known-true
> > version. How do I detect whether the system administrator has used a
> > UID?
>
> Except last I checked, we don't do such a comparison. If you really
> wanted to know if the UID was used you could do a find /, etc. Neither
> is necessary though, which is the point.
>
> > Moreover, the consequences of getting the one wrong are that you
> > delete the sysadmin's changes. The consequences of the other are an
> > important and difficult-to-detect security hole.
>
> This is just patently false, as has been pointed out elsewhere. What
> security hole, exactly, is created by orphaning a file?
Well, if some process (maybe within the package) creates a private log
file that contains sensitive information, and this log file can later on
be read by a process with far fewer privileges, this is usually
considered a security-relevant issue.
Cheers,
Andi
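
The "find /" check mentioned in the thread, written out as an added example that is not part of the original messages: it lists files whose owning UID has no passwd entry and groups them by UID, showing what a new account would own if it were later given that number. The function names and the sample file are assumptions made for illustration.

```python
import os
import pwd
import stat
import tempfile


def known_uids():
    """UIDs that currently have a passwd entry on this host."""
    return {entry.pw_uid for entry in pwd.getpwall()}


def find_orphans(root, valid_uids):
    """Return sorted (path, uid, mode) for entries under root owned by a UID
    outside valid_uids. lstat() reports symlinks themselves, not their targets."""
    orphans = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # entry vanished or is unreadable; skip it
            if st.st_uid not in valid_uids:
                orphans.append((path, st.st_uid, stat.S_IMODE(st.st_mode)))
    return sorted(orphans)


def inherited_by_uid(orphans):
    """Group orphaned paths by UID: the set of files that the next account
    assigned that UID would own, whatever their current mode bits."""
    grouped = {}
    for path, uid, _mode in orphans:
        grouped.setdefault(uid, []).append(path)
    return grouped


if __name__ == "__main__":
    # Constructed sample: a 0600 "private" log in a temp dir, scanned as if
    # the owning account had been removed (its UID dropped from the valid set).
    with tempfile.TemporaryDirectory() as root:
        log = os.path.join(root, "daemon-private.log")
        with open(log, "w") as fh:
            fh.write("constructed sensitive line\n")
        os.chmod(log, 0o600)
        removed = known_uids() - {os.getuid()}
        for path, uid, mode in find_orphans(root, removed):
            print(f"uid={uid} mode={mode:04o} {path}")
```

Mode 0600 keeps the file private only while the UID stays unassigned; once the number is handed to another account, that account is the owner.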