Re: Writing to /etc/ from a "privileged" UI

To: debian-devel@lists.debian.org
Subject: Re: Writing to /etc/ from a "privileged" UI
From: Russ Allbery <rra@debian.org>
Date: Wed, 11 May 2011 18:45:01 -0700
Message-id: <[🔎] 87hb90u1ya.fsf@windlord.stanford.edu>
In-reply-to: <[🔎] 20110512012603.GB31755@khazad-dum.debian.net> (Henrique de Moraes Holschuh's message of "Wed, 11 May 2011 22:26:03 -0300")
References: <1304918280.f23BC38D1406.20467@mail.ua> <[🔎] 20110509093907.01a24e16@local> <[🔎] 20110509091253.GA7470@angband.pl> <[🔎] 20110509112003.3254a13b@local> <[🔎] 20110509134541.GB633@cleo.wdw> <[🔎] 20110509165939.598ef038@local> <[🔎] 20110509152600.GB10566@ca.home.jhr-online.de> <[🔎] 87ei456m0b.fsf@alhambra.kuesterei.ch> <[🔎] 20110511205416.GA1073@angband.pl> <[🔎] 20110511211547.GW4371@urchin.earth.li> <[🔎] 20110512012603.GB31755@khazad-dum.debian.net>

Henrique de Moraes Holschuh <hmh@debian.org> writes:
> On Wed, 11 May 2011, Dominic Hargreaves wrote:

>> This is not necessarily the case if a per-user encrypted filestore,
>> such as ecryptfs, is in use (where a user may be unlocking access to
>> their home directory at the same time as logging in, via a pam hook).

> I suppose you do have done the non-trivial steps required to secure the
> box against a rogue kernel install by the 'untrusted' person?

> This is only one possible attack vector.  There are others.  There are
> defenses, but they go way beyond 'a per-user encrypted filesystem'.

While this is all of course correct from a theoretical security
standpoint, and these are all things one needs to care about if hardening
a system against arbitrary attackers, a lot of real-life security isn't
like that.  There's often a good bit of merit in making reading private
data reasonably difficult but not bothering making it impossible when the
attacks one is worried about are casual snooping or accidental
eavesdropping as opposed to concerted effort.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

References:
- Writing to /etc/ from a "privileged" UI
  - From: David Paleino <dapal@debian.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Adam Borowski <kilobyte@angband.pl>
- Re: Writing to /etc/ from a "privileged" UI
  - From: David Paleino <dapal@debian.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Marvin Renich <mrvn@renich.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: David Paleino <dapal@debian.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Jan Hauke Rahm <jhr@debian.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Frank Küster <frank@debian.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Adam Borowski <kilobyte@angband.pl>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Dominic Hargreaves <dom@earth.li>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

Prev by Date: Re: Writing to /etc/ from a "privileged" UI
Next by Date: Bug#626441: general: When first logging in, usb wireless keyboard/mouse is not working
Previous by thread: Re: Writing to /etc/ from a "privileged" UI
Next by thread: Re: Writing to /etc/ from a "privileged" UI
Index(es):
- Date
- Thread