Re: Exploit in Upgrade Chain?

To: debian-security@lists.debian.org
Subject: Re: Exploit in Upgrade Chain?
From: Celejar <celejar@gmail.com>
Date: Thu, 12 Feb 2009 14:51:57 -0500
Message-id: <[🔎] 20090212145157.f7f280cc.celejar@gmail.com>
In-reply-to: <[🔎] 49943319.9090301@cateee.net>
References: <1407c5e60902112126q197eb474w9abfd88781c81eca@mail.gmail.com> <[🔎] 200902120813.03081.bss@iguanasuicide.net> <[🔎] 49943319.9090301@cateee.net>

On Thu, 12 Feb 2009 15:32:57 +0100
"Giacomo A. Catenazzi" <cate@cateee.net> wrote:

> Boyd Stephen Smith Jr. wrote:

...

> > I don't see how a 600 /etc can be exploited.  Do you have any other records 
> > that would indicate you are exploited, or is this just fear-mongering?
> 
> /etc with 600 is a grave error!
> /etc/ must be accessible for the following reasons:
> - debian alternatives (and some posix program requires i.e. "editor" command)
> - networking: libc need to read some file  (resolver, hostname, ...), and this
>    is done in normal user context
> - passwd must be public (indirectly required by POSIX)
> - etc has configuration of daemon, which could read such configuration
>    in different deamon context (not root). This is true especially by
>    reloading configuration
> - and a lot more reasons.
> 
> Some files must be protected, not the entire /etc.

I'm sure he knows it's an error; his point is just that it's not
exploitable.

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Reply to:

References:
- Re: Exploit in Upgrade Chain?
  - From: "Boyd Stephen Smith Jr." <bss@iguanasuicide.net>
- Re: Exploit in Upgrade Chain?
  - From: "Giacomo A. Catenazzi" <cate@cateee.net>

Prev by Date: Re: Exploit in Upgrade Chain?
Next by Date: Re: Exploit in Upgrade Chain?
Previous by thread: Re: Exploit in Upgrade Chain?
Next by thread: Re: Exploit in Upgrade Chain?
Index(es):
- Date
- Thread