Re: Preparing Debian for using capabilities: file ownership.

[Seth Arnold <sarnold@willamette.edu>]

* Joey Hess <joeyh@debian.org> [000926 14:52]:
> Nicolás Lichtmaier wrote:
> >  Your point is so obvious. duh... how did I miss that?
> >  Of course that cracking bin would be like cracking root...!
> 
> This is not an issue if
> 
> a) bin has no passowrd so people cannot log in as bin
> and
> b) nothing on the system is suid bin

Joey, if bin owns ls, then someone that cracks the bin account (via some
non-interactive means) could replace ls with a version of ls that opens
a port connected to a shell.

The next time root runs ls, there is a shell running as root sitting
open, ready for someone to connect with netcat.

So, cracking whatever account owns the system binaries is tantamount to
cracking root, whenever root executes one of those programs.

Right?