
Re: cdrtools-2.01a37 ready



Jacob Meuser <jakemsr@jakemsr.com> wrote:

> On Fri, Aug 20, 2004 at 03:49:28PM +0200, Joerg Schilling wrote:
>
> > How do you believe that you may run cdrecord without root privs without
> > compromising the security of the whole system?
>
> On OpenBSD, members of the operator group are allowed to reboot the
> system, change tapes ... normal things that someone trusted to operate

....

> But having suid binaries gives _anyone_ the possibility of escalating
> to root.  This has already happened to the very software we are
> talking about.
>
> Using the suid bit takes away all the fine grained "access control".

It looks like OpenBSD does not have fine grained access control but did rather
add unwanted special group behavior into the kernel.

On Solaris 10, you may use RBAC together with getppriv()/setppriv() to really 
have fine grained role based rights.

On a non "trusted" Variant, there is /usr/bin/pfexec that calls the programs
with just the rights they need.

Jörg

-- 
 EMail:joerg@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
       js@cs.tu-berlin.de		(uni)  If you don't have iso-8859-1
       schilling@fokus.fraunhofer.de	(work) chars I am J"org Schilling
 URL:  http://www.fokus.fraunhofer.de/usr/schilling ftp://ftp.berlios.de/pub/schily


