On Mon, Mar 19, 2001 at 09:52:43AM -0500, Walter Tautz wrote: > i suppose there are a number of solutions ... > > adding an appropriate group characteristic to > the executables and the places apt, dpkg write to > under /var and then adding users to the group... that won't do anything useful every debian package writes to the filesystem in places only writable by root. > setuid....not a good idea > > > some sort of server that runs on the host and receives > requests for software and it does the installs.... > > I am thinking of the situation where one has a large collection > of computers with many users. It would be an interesting experiment > to see which packages most users need rather than installing a huge > collection of packages by default. Instead let the users determine their > needs provided they can use a better tool than apt-cache search or some > kind of user friendly frontend. allowing ordinary users to install packages is automatic full root access. many packages have interactive postinst scripts, all the user needs to do is install one and wait for the script to run, then use job control to background the script and gain root. or if that doesn't work they can definitly get root if they manage to upgrade a package with an altered config file. when dpkg asks what to do about the altered config file they can use the `diff' option and then use less' shell escapes to run a root shell. they could also find out about a huge security hole in some package, and then install that package before a fix is made etc etc. don't allow anyone to install software globally that you don't trust with the root password. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgp2ZNEC1iKcD.pgp
Description: PGP signature