Re: #342455

To: Ian Jackson <ian@davenant.greenend.org.uk>
Cc: Roger Leigh <rleigh@whinlatter.ukfsn.org>, Technical Committee <debian-ctte@lists.debian.org>, 342455@bugs.debian.org, Bastian Blank <waldi@debian.org>
Subject: Re: #342455
From: Raul Miller <moth.debian@gmail.com>
Date: Sat, 11 Feb 2006 19:29:39 -0500
Message-id: <[🔎] d0461dbe0602111629k1242459aq155a7355c05d0589@mail.gmail.com>
Reply-to: moth@debian.org
In-reply-to: <[🔎] 17388.50137.430730.873657@davenant.relativity.greenend.org.uk>
References: <[🔎] 87d5i5vhn5.fsf@hardknott.home.whinlatter.ukfsn.org> <[🔎] d0461dbe0602021241g4ffc55ceg8105beffa88a0bd8@mail.gmail.com> <[🔎] 873birmu48.fsf@hardknott.home.whinlatter.ukfsn.org> <[🔎] d0461dbe0602100813v2e4cbb8biaa9909328b8e94f3@mail.gmail.com> <[🔎] 17388.49011.225396.82314@davenant.relativity.greenend.org.uk> <[🔎] d0461dbe0602100844q20107864h368ff62d62ff44f4@mail.gmail.com> <[🔎] 17388.50137.430730.873657@davenant.relativity.greenend.org.uk>

On 2/10/06, Ian Jackson <ian@davenant.greenend.org.uk> wrote:
> Raul Miller writes ("Re: #342455"):
> > On 2/10/06, Ian Jackson <ian@davenant.greenend.org.uk> channelled:
> > > The proposed change to devmapper changes the permissions for all block
> > > devices, doesn't it ?  Whereas the other debian defaults vary from one
> > > kind of device to another.  For example, floppies are g+w floppy.
> >
> > The change to devmapper is inconsistent in the context of many groups
> > of machines.
>
> Um, are we talking about the same change here ?  I'm criticising the
> proposed change to the configure script which makes all the block
> devices start out g+w disk.

Yes, we're talking about the same change here.

If I have a cluster of debian machines (predating devmapper), by
default they'll all have block devices with g+w disk.

If I introduce devmapper systems into this cluster that will
not be true.

> > It's also inconsistent over time on many single machines.
>
> I agree that the current situation is unsatisfactory.  But I think (at
> the moment, at least) that it should be fixed by adopting Bastian's
> code fragments with an appropriate configuration.

I don't know what this means.

> > > For changing the `default' by changing the permissions at device
> > > creation time at the very least introduces a race, where the device
> > > briefly has the default permissions; if the defaults are maximally
> > > restrictive then this is OK.
> >
> > The debian defaults grant permission to an empty group -- one
> > which by default has no users -- this is maximally restrictive.
>
> This is rather disingenuous.  No-one would be complaining if the disk
> group remained empty.

That's demonstrably false: the disk group does remain empty on any
number of machines and people are complaining.  Even if the group is
not empty, access to the accounts which are members of that group
is under the control of the same person who gives access to root.

Last time I looked, when I created a new user account, I got a new
group with the same name which that user was a member of.  The
new accounts are not members of group disk.

Put differently: security is not about technology so much as it's
about the person who is responsible for the system understanding
what it's doing.  The details follow from the goals of the person
responsible for the system.

--
Raul

Reply to:

References:
- Re: #342455
  - From: Roger Leigh <rleigh@whinlatter.ukfsn.org>
- Re: #342455
  - From: Raul Miller <moth.debian@gmail.com>
- Re: #342455
  - From: Roger Leigh <rleigh@whinlatter.ukfsn.org>
- Re: #342455
  - From: Raul Miller <moth.debian@gmail.com>
- Re: #342455
  - From: Ian Jackson <ian@davenant.greenend.org.uk>
- Re: #342455
  - From: Raul Miller <moth.debian@gmail.com>
- Re: #342455
  - From: Ian Jackson <ian@davenant.greenend.org.uk>

Prev by Date: Re: #342455
Next by Date: Re: #342455
Previous by thread: Re: #342455
Next by thread: Re: #342455
Index(es):
- Date
- Thread