Re: Checksums on ftp

To: Jim Breton <jamesb-debian@alongtheway.com>
Cc: debian-security@lists.debian.org
Subject: Re: Checksums on ftp
From: Alexander Hvostov <vulture@aoi.dyndns.org>
Date: Thu, 27 Apr 2000 23:44:23 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.4.21.0004272336490.2017-100000@cornerstone.core.aoi>
In-reply-to: <[🔎] 20000428020307.O23709@alongtheway.com>

Jim,

Not the capability _bounding_ set. Check the 'lcap' package. The only time
the capabilities are restored is when the machine is rebooted, and only a
process which originated as a kernel thread (i.e., init, kswapd, etc) can
restore capabilities without a reboot. None of those programs will do
this, so make /sbin/init immutable (which it should be anyway), and your
system is pretty much air-tight, as far as remote attacks go.

Regards,

Alex.

---
PGP/GPG Fingerprint:
  EFD1 AC6C 7ED5 E453 C367  AC7A B474 16E0 758D 7ED9

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM d- s:+ a--- C++++ UL++++ P L+++ E W++ N o-- K- w
O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+
G e-- h++ r--- y
------END GEEK CODE BLOCK------

On Fri, 28 Apr 2000, Jim Breton wrote:

> On Thu, Apr 27, 2000 at 05:35:42PM -0800, Ethan Benson wrote:
> > why zap an immutable log file?  it won't contain any new entries since
> > syslogd cannot write to it either :P  you probably mean the append
> > only bit.  which is indeed useful on logs but breaks log rotation
> > which is rather annoying.
> 
> Yup I did mean append-only.  You could always mix a chattr -a, chattr +a
> into your log rotation scripts to work around that.
> 
> 
> > someone else mentioned Linux Privileges (misnomer capabilities) which
> > i think can be used to get the BSD style immutable bit -- root can set
> > but not remove.  but still that is damned inconvenient if you want to
> > upgrade something legitimately and have to reboot to do it.  (almost
> > like NT, gah)
> 
> Yep.  Actually I'm not completely familiar with this yet, I tried to set
> it up on my box but didn't encounter much success because I think I
> didn't correctly compile the caps into the kernel.  There's supposedly
> one or two edits you have to make and the doc I saw wasn't very clear.
> 
> But from what I've seen so far, I do believe you would be able to
> somehow add capabilities to a running process (as well as remove them).
> 
> Just don't ask me how yet.  :)
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>

Reply to:

Follow-Ups:
- Re: Checksums on ftp
  - From: Jim Breton <jamesb-debian@alongtheway.com>

References:
- Re: Checksums on ftp
  - From: Jim Breton <jamesb-debian@alongtheway.com>

Prev by Date: Re: Checksums on ftp
Next by Date: Re: Checksums on ftp
Previous by thread: Re: Checksums on ftp
Next by thread: Re: Checksums on ftp
Index(es):
- Date
- Thread