
Re: all xterms

On Wed, Nov 03, 1999 at 04:45:22PM +0100, Tomasz Wegrzanowski was heard to say:
> On Tue, Nov 02, 1999 at 05:35:32PM -0500, Daniel Burrows wrote:
> > On Tue, Nov 02, 1999 at 07:05:20PM +0100, Tomasz Wegrzanowski was heard to say:
> > > I've sent a patch making pgp and gpg able to lie anywhere shell can find them
> > > (in $PATH I mean) but it was ignored by maintainer who doesn't consider mutt's
> > > way the wrong one.
> > 
> >   I think I can guess at least one possible reason for doing this.  By searching
> > anywhere in the path, especially with these particular programs, you
> > introduce a *potential* security hole.  Knowing exactly which pgp/gpg binary
> > you're running is a Good Thing. [2]
> NO, you are completely WRONG.
> If one has $PATH pointing to a world-writable directory he has
> already NO security AT ALL ! This is not a *potential* security hole.

  Ok, I'm an idiot. (in my own defense it was off the top of my head, and the
directory doesn't have to be world-writable for it to be a problem)

> >   Daniel
> > 
> >   [2] Yes, if you have a small path (/bin:/usr/bin:/usr/local/bin) this isn't
> >      likely to be a problem, but hardcoding the path will be equally secure on
> >      all setups including those with unholy default paths ;-).
> It won't be secure 'cause I won't be able to check signature's validity
> if I install pgp to /usr/local/ or /opt/ or any other place in the $PATH.
> This is bad for security.

  Uh, yes you can check signatures.  Just tell it where to look.


"Do you know why the prisoner in the tower watches the flight of birds?"
  -- Terry Pratchett, _Reaper_Man_
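
The disagreement in this thread turns on which directories a $PATH lookup consults before it reaches the real pgp/gpg binary. As an added example (not part of the thread and not mutt's code), this POSIX shell function walks a PATH string in lookup order and flags relative entries and group- or world-writable directories at or before the first hit; the function name, the status words and the choice of checks are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): list what a $PATH lookup of a program
# consults up to the first hit, flagging entries another user could populate.
# Usage:  audit_path "$PATH" gpg
# Output: RELATIVE|MISSING|WRITABLE <dir> lines in lookup order, then FOUND <file>.
# Status: 0 = clean hit, 1 = risky entry at or before the hit, 2 = no hit.
audit_path() (
    rest=$1: prog=$2 risky=0
    while [ -n "$rest" ]; do
        dir=${rest%%:*}        # next entry (may be empty)
        rest=${rest#*:}
        case $dir in
            /*) ;;
            *)  dir=${dir:-.}  # an empty entry means the current directory
                echo "RELATIVE $dir"; risky=1 ;;
        esac
        if [ ! -d "$dir" ]; then
            echo "MISSING $dir"   # informational: nothing is searched here
            continue
        fi
        # Mode string of the directory itself, following symlinks (-L):
        # character 6 is group write, character 9 is other write.
        mode=$(ls -ldL -- "$dir")
        case $mode in
            ?????w*|????????w*) echo "WRITABLE $dir"; risky=1 ;;
        esac
        if [ -f "$dir/$prog" ] && [ -x "$dir/$prog" ]; then
            echo "FOUND $dir/$prog"
            exit "$risky"
        fi
    done
    exit 2
)
```

A non-zero status for the PATH a mail client inherits is the situation a hardcoded absolute path to the binary sidesteps.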
