Re: statement from one of the klik project members [was: The klik project and Debian]

To: debian-devel@lists.debian.org
Subject: Re: statement from one of the klik project members [was: The klik project and Debian]
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Sat, 21 Jan 2006 14:28:36 -0200
Message-id: <[🔎] 20060121162836.GC2885@khazad-dum.debian.net>
In-reply-to: <[🔎] 20060120184302.GC22778@login.informatik.uni-freiburg.de>
References: <[🔎] 200601200056.26419.k1pfeifle@gmx.net> <[🔎] 20060120052026.GA3923@zeno.patrick.wattle.id.au> <[🔎] 20060120074121.GA24472@country.grep.be> <[🔎] 20060120123126.GF18664@asteria.noreply.org> <[🔎] 20060120184302.GC22778@login.informatik.uni-freiburg.de>

On Fri, 20 Jan 2006, Bernhard R. Link wrote:
> * Peter Palfrader <weasel@debian.org> [060120 13:31]:
> > user implies noexec, nosuid, and nodev unless overridden by subsequent
> > options according to the mount(8) manpage.
> 
> Please always keep in mind that this only reduces the chance, but still
> keeps the possibility for holes open. (Like noexec could be circumvented

This seems incorrect to me.  It has absolutely no impact whatsoever in the
security of a system that already has "user" mounts, and that allows users
to execute arbritary executables *anywhere* (and this later risk is that of
running unauthorized programs, and not of privilege escalation).

> by calling ld.so directly, nosuid by perl-suid and so on, and there might
> always be some other program sleeping somewhere waiting for its chance)

That would require a kernel bug involving local priviledge escalation, or a
severe bug in a suid application already in the system.  klik by no means
make it any easier to exploit such bugs, unless klik is the sole way a new
"suid-bit-set" program could be brought into the system (even in a no-suid
partition).  Again, this is only true on systems where kilk is the only
user-mountable media or the only user-mountable-with-execute-permission
media with exec permission.

And the ld.so avenue of running executables on non-executable partitions
seems to be closed (at first glance) in Debian Sid.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

References:
- Re: Re: statement from one of the klik project members [was: The klik project and Debian]
  - From: Kurt Pfeifle <k1pfeifle@gmx.net>
- Re: Re: statement from one of the klik project members [was: The klik project and Debian]
  - From: Cameron Patrick <cameron@patrick.wattle.id.au>
- Re: Re: statement from one of the klik project members [was: The klik project and Debian]
  - From: Wouter Verhelst <wouter@debian.org>
- Re: statement from one of the klik project members [was: The klik project and Debian]
  - From: Peter Palfrader <weasel@debian.org>
- Re: statement from one of the klik project members [was: The klik project and Debian]
  - From: "Bernhard R. Link" <brlink@debian.org>

Prev by Date: Re: Implicition declarations of functions and bugs
Next by Date: Re: when and why did python(-minimal) become essential?
Previous by thread: Re: statement from one of the klik project members [was: The klik project and Debian]
Next by thread: Re: Re: Re: statement from one of the klik project members [was: The klik project and Debian]
Index(es):
- Date
- Thread