tcb for debian?
Hi
I was just taking a look at tcb from the openwall project. A quick look at
packages.debian.org revealed that it seems not to be included in debian
yet.
Quick description (from the manpage)
With the traditional password shadowing scheme, password hashes and
password aging information of all users is stored in one file,
/etc/shadow. Therefore, if a process requires access to information on a
single user, it is forced to possess privileges which are
sufficient to access data on all users. This is a design flaw, which is
most clearly visible in the case of the passwd(1) utility. Let's assume
that unprivileged users are to be allowed to change their own
passwords. Whatever permissions are assigned to /etc/shadow, passwd(1),
invoked by unprivileged user U, must be able to modify the contents
of this file. If malicious user U finds a way to control the
passwd(1) process (with the help of a buffer overflow or another bug in
the passwd(1) code, in the libraries it uses, or in the kernel), the
user will be able to change the passwords of all users and thus obtain full
control over the system.
The solution is straightforward - each user is assigned its own,
separate shadow-style file. User U's shadow file is owned by U, so
passwd(1) invoked by U does not require superuser privileges.
The directory where all users' shadow files reside is /etc/tcb.
The principle sounds quite good; however, there is one major drawback:
The tcb package contains core components of our tcb suite implementing the
alternative password shadowing scheme on Owl. It is being made available
separately from Owl primarily for use by other distributions. Note that
you need to have the password hashing framework introduced with
crypt_blowfish patched into glibc to compile this.
It is very unlikely that such a small package, which is not used that much,
will get into Debian if glibc has to be patched, right?
The glibc patch of the crypt_blowfish package is not even 2 kB "big" (3
lines added; however, some files have to be copied additionally, and the
patch is for glibc 2.1.3).
MfG/Regards, Alexander
--
Alexander Reelsen http://tretmine.org
ref@tretmine.org
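The per-user shadow layout described in the quoted manpage, as an added example that is not part of the original post and not code from the tcb project: it parses a few constructed shadow-format entries (placeholder hashes, not real ones), writes them out as one file per user under a temporary <root>/etc/tcb/<user>/shadow, performs a passwd(1)-style update that opens only the calling user's own file, and then checks that no other user's file was touched and that no per-user file is group- or world-readable. Ownership of each file by its user is the point of the real scheme but cannot be set without root, so this example only applies the modes (0600 for the shadow file, 0710 for the directories); those mode values, the helper names and the sample entries are assumptions made for the example.

```python
import os
import stat
import tempfile

# Constructed sample entries in /etc/shadow format (9 colon-separated fields).
# The hashes are placeholders, not real password hashes.
SAMPLE_SHADOW = """root:$6$placeholderroot:19000:0:99999:7:::
alice:$6$placeholderalice:19000:0:99999:7:::
bob:$6$placeholderbob:19000:0:99999:7:::
"""


def parse_shadow(text):
    """Split shadow-format lines into {user: [9 fields]}; reject malformed lines."""
    entries = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 9:
            raise ValueError("malformed shadow line: %r" % line)
        entries[fields[0]] = fields
    return entries


def tcb_shadow_path(root, user):
    """Path of user U's own shadow file in the tcb layout (assumed: <root>/etc/tcb/U/shadow)."""
    return os.path.join(root, "etc", "tcb", user, "shadow")


def build_tcb_tree(root, entries):
    """Write one shadow-style file per user. Modes are assumptions (0710 dirs, 0600 file);
    in the real scheme each directory and file would also be chown'ed to that user."""
    os.makedirs(os.path.join(root, "etc", "tcb"), mode=0o710, exist_ok=True)
    for user, fields in entries.items():
        path = tcb_shadow_path(root, user)
        os.makedirs(os.path.dirname(path), mode=0o710, exist_ok=True)
        with open(path, "w") as f:
            f.write(":".join(fields) + "\n")
        os.chmod(path, 0o600)


def read_tcb_entry(root, user):
    """Return the 9 fields stored in user U's own shadow file."""
    with open(tcb_shadow_path(root, user)) as f:
        return f.read().rstrip("\n").split(":")


def change_password_tcb(root, user, new_hash):
    """passwd(1) in tcb style: only the caller's own file is opened and rewritten.
    A compromised passwd process running as U therefore reaches nobody else's hash."""
    path = tcb_shadow_path(root, user)
    fields = read_tcb_entry(root, user)
    fields[1] = new_hash
    tmp = path + ".tmp"
    with open(tmp, "w") as f:
        f.write(":".join(fields) + "\n")
    os.chmod(tmp, 0o600)
    os.replace(tmp, path)  # atomic swap so a crash never leaves a half-written file
    return path


def check_tcb_modes(root):
    """Return the per-user shadow files that are group- or world-accessible (should be none)."""
    problems = []
    tcb = os.path.join(root, "etc", "tcb")
    for user in sorted(os.listdir(tcb)):
        path = tcb_shadow_path(root, user)
        if os.path.isfile(path) and stat.S_IMODE(os.stat(path).st_mode) & 0o077:
            problems.append(path)
    return problems


def demo():
    """Build the tree, change alice's hash, and report the resulting state of all users."""
    with tempfile.TemporaryDirectory() as root:
        entries = parse_shadow(SAMPLE_SHADOW)
        build_tcb_tree(root, entries)
        change_password_tcb(root, "alice", "$6$newaliceplaceholder")
        after = {u: read_tcb_entry(root, u) for u in entries}
        problems = check_tcb_modes(root)
    return after, problems


if __name__ == "__main__":
    after, problems = demo()
    for user, fields in after.items():
        print("%s -> %s" % (user, fields[1]))
    print("mode problems:", problems)
```

Run it as-is; it writes only into a temporary directory. The point to take from the output is that alice's hash changes while root's and bob's files are untouched, which is exactly what a single /etc/shadow cannot guarantee once the passwd process is under the user's control.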