Bug#299007: base-files: Insecure PATH

To: 299007@bugs.debian.org, allomber@math.u-bordeaux.fr
Subject: Bug#299007: base-files: Insecure PATH
From: psz@maths.usyd.edu.au
Date: Tue, 22 Mar 2005 12:56:28 +1100
Message-id: <[🔎] 200503220156.j2M1uSC5007156@pisa.maths.usyd.edu.au>
Reply-to: psz@maths.usyd.edu.au, 299007@bugs.debian.org
In-reply-to: <[🔎] 20050321225555.GK30645@seventeen>

Bill,

>> Though nfs-user-server may "know" about the squash_gids option,
>> nfs-kernel-server does not.
> 
> You can emulate squash_gids using the ugidd daemon. Just map staff to
> nogroup.
> 
> In fact, most of your problems can be solved with use of ugidd, and this
> is not Debian specific.

Using squash_gids or ugidd would prevent an attacker from creating a
setgid-staff object, thus keeping things safe while there are no users in
group staff. Neither squash_gids nor ugidd would prevent scribbling over
the .bashrc file of, or otherwise trojan, a user in group staff.

I beleive that group staff is pretty useless until you put some users into
that group. Using squash_gids or ugidd we can keep it safe in that default
but useless state; we can not make it safe in the useful state.

Would you agree with the above? (Then we should think about groups disk and
tty also.)

(The problem is not Debian-specific. Only the policy is; am not sure if
other distibutions even have a policy.)

Cheers,

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia

Reply to:

References:
- Bug#299007: base-files: Insecure PATH
  - From: Bill Allombert <allomber@math.u-bordeaux.fr>

Prev by Date: Bug#299007: base-files: Insecure PATH
Next by Date: Bug#299007: base-files: Insecure PATH
Previous by thread: Bug#299007: base-files: Insecure PATH
Next by thread: Bug#299007: base-files: Insecure PATH
Index(es):
- Date
- Thread