
Re: Bug#262507: ITP: resmgr -- resource manager library



Andrew Suffield <asuffield@debian.org> wrote:

Hi,

>> I plan to have SANE built with resmgr support for Etch, and I hope
>> other applications will support resmgr too. It can make life a lot
>> easier, and changes to the code are really minimal.
>
> It is, however, a security hole; it's functionally equivalent to
> pam_console (which we declined to ship in the past) and has the same

It's a bit better than pam_console, however, which has a lot of
issues.

I uploaded to experimental to get some feedback on the possible
security issues/implications; I'm still trying to determine whether
there are holes (read: bigger holes than those which can exist with
other solutions) or not.

Could you point out the security issues you see in resmgr?

I note that SuSE ships resmgr and has a couple of resmgr-enabled
applications. Of course, RedHat ships pam_console, so that's not a
point (and they're having a whole lot of problems with it, again).

> problems. As such it's not really an improvement in security over
> making devices group- or world-accessible.

It doesn't claim to be a more secure solution than fiddling with
ownership and permissions, only to be more convenient (and I tend to
think that it is).

> resmgr must not be enabled by default and should carry a big warning;
> you can only use it in scenarios where you would be willing to use
> pam_console.

As it is currently:
 - rsm_open_device() will fall back to a call to open() if resmgrd
   isn't available, so resmgr-enabled applications do not depend on
   resmgrd being up & running;
 - resmgrd isn't installed by default, you need to explicitly install
   it (no dependencies, only a Recommends that could be downgraded to
   a Suggests to avoid side-effects with some frontends to apt);
 - resmgrd won't be started until configured (no default config
   is shipped in the package, only an example config file);
 - you need to add pam_resmgr to your PAM config files by hand.

I will add the big blinking warning if/when it goes into unstable (if
there's a consensus against resmgr, I'll withdraw the ITP) if needed.

> (Why somebody bothered to implement resmgr instead of simply enhancing
> pam_console is beyond me; probably NIH)

If you haven't already, you might want to read
<http://rechner.lst.de/~okir/resmgr/description.html>

I'm still reviewing resmgr and I probably won't be done with it for
some more months (being low on free time). I won't upload to unstable
unless I'm sure it cannot harm and it isn't a gaping security hole.

The idea is to provide a tool to sysadmins who might want to use it,
and not something that works out of the box, with a half-broken
default config.

Thanks for your feedback,

JB.

-- 
 Julien BLACHE - Debian & GNU/Linux Developer - <jblache@debian.org> 
 
 Public key available on <http://www.jblache.org> - KeyID: F5D6 5169 
 GPG Fingerprint : 935A 79F1 C8B3 3521 FD62 7CC7 CD61 4FD7 F5D6 5169 


