Re: Security Implications of DKMS?

To: debian-security@lists.debian.org
Cc: David Ehle <ehle@phys.iit.edu>
Subject: Re: Security Implications of DKMS?
From: Russell Coker <russell@coker.com.au>
Date: Tue, 27 Mar 2012 19:14:28 +1100
Message-id: <201203271914.29174.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <alpine.DEB.1.10.1203261023150.10762@agni>
References: <alpine.DEB.1.10.1203261023150.10762@agni>

On Tue, 27 Mar 2012, David Ehle <ehle@phys.iit.edu> wrote:
> Isn't having compilers/build tools considered a security "no no" if 
> possible to avoid?

There have been some attacks on systems which have relied on the presence of 
various compilers and interpreters, the best known example is the Morris Worm.  
But there are few of them that couldn't have been written to talk to a server 
which has binaries for all common platforms and download the code that 
matches.

Nowadays there are far fewer platforms than there used to be so any hostile 
party who develops an exploit for Linux will probably just concentrate on i386 
and AMD64 with a somewhat recent GLIBC.

Also there's the issue of how a system is exploited.  If an exploit relies on 
a bug that is specific to a particular architecture of a particular OS then 
there would be no benefit in the attacker sending source code as they know 
exactly the binary that they need to send.

Finally there's a lot that can be done with Perl, Python, and shell scripts 
and a modern Debian system is not very usable without all three of those.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

Reply to:

References:
- Security Implications of DKMS?
  - From: David Ehle <ehle@phys.iit.edu>

Prev by Date: Re: [DSA 2442-1] openarena security update
Next by Date: Re: Security Implications of DKMS?
Previous by thread: Re: Security Implications of DKMS?
Next by thread: Re: Security Implications of DKMS?
Index(es):
- Date
- Thread