On Mon, Jun 18, 2001 at 06:41:59PM +0200, Christian Jaeger wrote:
>
> Well, if the 'apt-get update && apt-get upgrade' wrapper doesn't take
> any input and resets the environment (is there anything else it
> should take care of?) then even if called by the cracker it wouldn't
> do anything else than upgrade the system the same way upgrades were
> happening anyway before the breakin. (Ok, there may be an issue with
> the changing inode numbers lids is depending upon and which would not
> get updated immediately after upgrading software.)

what if the attacker can poison your DNS, or routing tables? then he
can trick apt into downloading his 37337 `security update' (more like
unsecurity update heh)

> And/or if I install a special shell binary that has capabilities to
> access the whole filesystem, but exits immediately unless called by
> sshd, then system administrators still can just login as root and do
> what they are used to do, without risking a hacker using the same
> tool because he (probably) didn't use sshd to gain access to the
> machine. (Of course, this requires 1. sshd not having a problem, and
> 2. making sure depending files like /etc/shadow, pam etc are
> protected, but that's what lids people propagate anyway).
>
> Am I wrong?

get root, run passwd root, ssh in.

> Of course if lids in fact can't deny access to disk devices then
> probably all is lost...

lids can, it adds new capabilities or else modifies one of the
existing ones. (at least last i read the FAQ that seemed to be
implied).

--
Ethan Benson
http://www.alaska.net/~erbenson/
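A sketch of the wrapper described in the quoted message, as an added example that is not code from either poster or from LIDS: it refuses arguments, discards the caller's environment and stdin, and runs a fixed command line. The install name `apt-upgrade-wrapper`, the function names and the chosen PATH are assumptions; it covers only caller-controlled input and does nothing about where apt fetches packages from, which is the objection raised in the reply.

```shell
#!/bin/sh
# Added example (hypothetical wrapper, not from the thread).
# Fixed search path; nothing is taken from the caller's PATH.
CLEAN_PATH=/usr/sbin:/usr/bin:/sbin:/bin

# run_clean CMD [ARGS...]
# Run CMD with an empty environment except for a few fixed values,
# and with stdin detached so the caller cannot feed it input.
run_clean() {
    # env is called by absolute path so a hostile PATH cannot replace it.
    /usr/bin/env -i PATH="$CLEAN_PATH" LC_ALL=C HOME=/root "$@" </dev/null
}

# upgrade: the only action the wrapper performs. The body is a subshell,
# so umask and cd do not leak into whatever shell sourced this file.
upgrade() (
    # "Doesn't take any input": any argument at all is refused.
    if [ "$#" -ne 0 ]; then
        echo "apt-upgrade-wrapper: no arguments accepted" >&2
        exit 2
    fi
    umask 022            # do not inherit a permissive umask
    cd / || exit 1       # do not run from a caller-chosen directory
    run_clean apt-get update && run_clean apt-get -y upgrade
)

# Act only when installed under the assumed wrapper name, so that
# sourcing this file for inspection never starts an upgrade.
case "$0" in
    */apt-upgrade-wrapper) upgrade "$@" ;;
esac
```
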