
Re: libsafe and Debian installation



I agree completely with what you say.  Though in reading the research
paper behind it, I think anything it catches is an actual severe bug in
the program.  The interesting thing is, one doesn't have to have libsafe
terminate the application, one can have libsafe just log that it
occurred.  I agree that even in this mode, it can possibly expose either
bugs in libsafe (or in the program) that would not be exposed otherwise.

On that note, what I think I'm trying to say is, Debian has a lot of
good tools to increase the security of one's system.  However, users
don't know about them.  I didn't know libsafe was in debian until I
started doing research into buffer overflow attacks.  I'm sure there are
plenty of other good tools in debian that one can use to get an easy
security boost.  Yes, every choice needs to be made in an educated
manner, but what I'm arguing for is that we provide our users with the
information to make those decisions.

The security howto is a start, but it leaves out many things, and I
didn't really know about it until recently either.

On Mon, 2002-04-22 at 16:13, Chad Walstrom wrote:
> On Mon, Apr 22, 2002 at 03:27:09PM -0400, Shaya Potter wrote:
> > People can install many things now to be LD_PRELOAD'd and not include
> > that info in the bug reports.  A better solution would be to
> > encourage people to include LD_PRELOAD info in the bug report.
> 
> Libsafe as a tool changes the behavior of the software it polices.  Some
> programs will quietly continue to work even with buffer overflows and
> out of bounds references.  For example, commercial applications that we
> do not have control of the source code may exit "unexplainably" during a
> "mission critical" function.
> 
> libsafe as a tool requires that the user is thoroughly educated in the
> possible consequences of running the tool.  To force this upon a user as
> a default may seem like we're helping to protect them.  In practice,
> we would be forcing draconic security policies upon them.
> 
> It's perceived that Debian gets a bum-rap about being "slow to release"
> and "hard to integrate commercial applications".  Just imagine what
> would happen if some desktop pen-jockey tries to run his favorite
> desktop application, only to have it silently fail (Yeah, errors log in
> ~/.gnome-session or ~/.xsession, but our desktop pen-jockey doesn't know
> that).  "Well, it runs just fine on Red Hat!" would be his quip in a
> well meaning, but misrepresented article.
> 
> libsafe is a wonderful security tool, yes.  Should it be installed by
> default? No.  Should its use be encouraged?  Yes, but education needs
> to go along with this.  A basic understanding about the dynamic linker
> and program error output is essential to its use.
> 
> You and I can piece these things together, but not everyone can.  The
> user should consciously choose to "break" things.
> 
> -- 
> Chad Walstrom <chewie@wookimus.net>                 | a.k.a. ^chewie
> http://www.wookimus.net/                            | s.k.a. gunnarr
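
One way to collect the LD_PRELOAD information that the thread suggests including in bug reports, as an added example that is not part of the original messages. The function names are hypothetical; /etc/ld.so.preload is the dynamic linker's system-wide preload file, which has to be checked alongside the environment variable.

```shell
#!/bin/sh
# Added example: list preloaded libraries for inclusion in a bug report.
#
# list_preloads ENV_VALUE PRELOAD_FILE
#   ENV_VALUE     the reporter's LD_PRELOAD value (may be empty)
#   PRELOAD_FILE  system-wide preload list, normally /etc/ld.so.preload
list_preloads() {
    env_value=$1
    preload_file=$2

    # LD_PRELOAD entries are separated by spaces or colons.
    printf '%s\n' "$env_value" | tr ': \t' '\n\n\n' \
        | sed '/^$/d; s/^/env: /'

    # The preload file is split on whitespace or colons; glibc's loader
    # treats '#' as the start of a comment, so strip comments first.
    if [ -r "$preload_file" ]; then
        sed 's/#.*//' "$preload_file" | tr ': \t' '\n\n\n' \
            | sed '/^$/d; s/^/file: /'
    fi
}

# has_preload NAME ENV_VALUE PRELOAD_FILE
# Succeeds if any preloaded object's file name starts with NAME
# (for example "libsafe"), whichever of the two sources it came from.
has_preload() {
    list_preloads "$2" "$3" \
        | sed 's/^[a-z]*: //; s|.*/||' \
        | grep -q "^$1"
}

# Report for the current environment; paste the output into the bug report.
list_preloads "${LD_PRELOAD:-}" /etc/ld.so.preload
```
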


