Re: Bits from the release team: the plans for etch

To: Marc Haber <mh+debian-devel@zugschlus.de>
Cc: debian-devel@lists.debian.org
Subject: Re: Bits from the release team: the plans for etch
From: Thomas Bushnell BSG <tb@becket.net>
Date: Wed, 26 Oct 2005 12:30:30 -0700
Message-id: <[🔎] 873bmo2i09.fsf@becket.becket.net>
In-reply-to: <[🔎] 20051026181328.GY6026@ns.snowman.net> (Stephen Frost's message of "Wed, 26 Oct 2005 14:13:28 -0400")
References: <[🔎] 20051025202118.GA10290@javifsp.no-ip.org> <[🔎] E1EUecU-0004QS-NV@scyw00225.scy001.de> <[🔎] 20051026091100.GA3940@javifsp.no-ip.org> <[🔎] E1EUiKp-0005zI-4A@scyw00225.scy001.de> <[🔎] 20051026130749.GO6026@ns.snowman.net> <87d5lss2md.fsf@becket.becket.net> <[🔎] 20051026160420.GS6026@ns.snowman.net> <[🔎] 87psps5fvw.fsf@becket.becket.net> <[🔎] 20051026175131.GX6026@ns.snowman.net> <[🔎] 87d5ls2lv4.fsf@becket.becket.net> <[🔎] 20051026181328.GY6026@ns.snowman.net>

Stephen Frost <sfrost@snowman.net> writes:

> * Thomas Bushnell BSG (tb@becket.net) wrote:
>> Stephen Frost <sfrost@snowman.net> writes:
>> > Same way you know that the system administrator hasn't modified a file
>> > in /usr/bin.
>> 
>> Um, I know that by comparing the contents against a known-true
>> version.  How do I detect whether the system administrator has used a
>> UID?
>
> Except last I checked, we don't do such comparison.  If you really
> wanted to know if the UID was used you could do a find /, etc.  Neither
> is necessary though, which is the point.

So what?  My point is that it is not *possible* to determine that a
uid hasn't been used for some unexpected purpose.  You said we should
reuse the uid if it hasn't been so used.  Are you now saying that we
should reuse it and not try to figure out at all?

Find on / of course doesn't work.  Well, it works if you never make
backups or use removable media.  Uh huh.

>> Moreover, the consequences of getting the one wrong are that you
>> delete the sysadmin's changes.  The consequences of the other are an
>> important and difficult-to-detect security hole.
>
> This is just patently false, as has been pointed out elsewhere.  What
> security hole, exactly, is created by orphaning a file?

The UID gets reused, and the new possessor of the UID suddenly owns
the old files.

Thomas

Reply to:

References:
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Bits from the release team: the plans for etch
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Bits from the release team: the plans for etch
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Bits from the release team: the plans for etch
  - From: Stephen Frost <sfrost@snowman.net>
- Re: Bits from the release team: the plans for etch
  - From: Stephen Frost <sfrost@snowman.net>
- Re: Bits from the release team: the plans for etch
  - From: Thomas Bushnell BSG <tb@becket.net>
- Re: Bits from the release team: the plans for etch
  - From: Stephen Frost <sfrost@snowman.net>
- Re: Bits from the release team: the plans for etch
  - From: Thomas Bushnell BSG <tb@becket.net>
- Re: Bits from the release team: the plans for etch
  - From: Stephen Frost <sfrost@snowman.net>

Prev by Date: Re: Bits from the release team: the plans for etch
Next by Date: A thought about killing two bird with one stone
Previous by thread: Re: Bits from the release team: the plans for etch
Next by thread: Re: Bits from the release team: the plans for etch
Index(es):
- Date
- Thread