[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Reporting missing package during install

Tom H writes:

 > On Mon, Dec 9, 2013 at 8:09 AM, Gian Uberto Lauri <saint@eng.it> wrote:
 > > If some users needed to have the root power for a small set of
 > > operation, then sudo would give them that extact power, no more no
 > > less.
 > >
 > > What are the benefits of The "Macintosh/Ubuntu" use of sudo? Improved
 > > security? Are you kidding? Whatever the user I compromise I have root
 > > access, just type "sudo bash".
 > 
 > You seem to assume that everyone has "ALL" as the executable that can
 > be run via sudo.

That wrong assumption has already been pointed out.

But whit this configuration you have 2 critical accounts instead of
one.

Everybody is aware that root is a critical account, how many do
realize that the first (often the only) user account in such systems
is as critical as the root one?

 > > Furthermore the sudo habit of keeping valid an authentication for a
 > > certain amount of time seems like an open door for malicious code
 > > injection.
 > 
 > You can use the "timestamp_timeout" option to set this to zero.

This should be the default, but is not.

 > Is your malicious code injection scenario that a person or a program
 > is watching for you to use sudo so as to abuse this timeout? I'd say
 > that you have a bigger problem if a cracker already has that full an
 > access to your system.

Nope. *That* could be the beach head to invade your system.

You never compiled some downloaded source  on your system? Do you scan
them?

We  usually trust  Free  Software source  code, but  how  many do  the
signature check of the tarball they just downloaded (and if you can
inject malicious code in the source, chances are high that you can
also get the poisoned meatball signed).

Who is vulnerable? Inexperienced users. With a small user base these
may be a small number, but if the user base grows, as we hope?

 > What's the difference between giving some of those users access to
 > root and giving those same ones sudo access to root?

On this point, I have to agree with you since further sudo grants have
to been given explicitly.

-- 
 /\           ___                                    Ubuntu: ancient
/___/\_|_|\_|__|___Gian Uberto Lauri_____               African word
  //--\| | \|  |   Integralista GNUslamico            meaning "I can
\/                 coltivatore diretto di software       not install
     già sistemista a tempo (altrui) perso...                Debian"

Warning: gnome-config-daemon considered more dangerous than GOTO
Reply to: