[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Checksums on ftp



On Thu, Apr 27, 2000 at 04:30:28PM +0000, Jim Breton wrote:
> On Thu, Apr 27, 2000 at 01:13:34AM -0800, Ethan Benson wrote:
> > this contrasts with linux's immutable bit that the superuser may
> > remove whenever he wants, making it mostly pointless.  (i read
> 
> Yah I looked at it that way too at first.  Fwict, there are still two
> advantages to using it however:
> 
> a) one means of "security through obscurity" where some folks who do
> manage to hack a box will not be aware of the existence of the immutable
> bit and will be confused when they are unable to delete the file despite
> the necessary permissions (yah this is weak, but nevertheless real)  ;-)

that is pretty weak there... 

> b) more importantly, it will break some "log zapper" scripts often used
> by script kiddies.  Some other vulnerabilities would be thwarted also,

why zap an immutable log file?  it won't contain any new entries since
syslogd cannot write to it either :P  you probably mean the append
only bit.  which is indeed useful on logs but breaks log rotation
which is rather annoying.

> where you use a vulnerability in one binary to over-write another
> program's configuration file and make it heed your will.

indeed, i do use the immutable bit on my user's ~/.ssh and
~/.ssh/authorized_keys, its exceedingly inconvenient but ensures that
even if i somehow run some trojan as me that nobody can add a new key
to my authorized_keys file.  though chmod 400 would probably be enough
for that... 

someone else mentioned Linux Privileges (misnomer capabilities) which
i think can be used to get the BSD style immutable bit -- root can set
but not remove.  but still that is damned inconvenient if you want to
upgrade something legitimately and have to reboot to do it.  (almost
like NT, gah)

> 
> Sorry if my message is a little incoherent, I just woke up and I can
> hardly see or think yet.  :)

i know the feeling ;-)

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgpiVhXAIjZcO.pgp
Description: PGP signature


Reply to: