Re: Bugs in Browsers: Mozilla & Co. vs. Exploder

To: Debian User <debian-user@lists.debian.org>
Subject: Re: Bugs in Browsers: Mozilla & Co. vs. Exploder
From: Colin Watson <cjwatson@debian.org>
Date: Fri, 13 Dec 2002 00:45:25 +0000
Message-id: <[🔎] 20021213004525.GB10052@riva.ucam.org>
Mail-followup-to: Debian User <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20021212225722.GB15914@maremma.ch>
References: <[🔎] 20021212225722.GB15914@maremma.ch>

On Thu, Dec 12, 2002 at 11:57:22PM +0100, Lukas Ruf wrote:
> Dear all,
> 
> on the one hand one reads about bugs in the Mircosoft Internet
> Exploder based on Active Scripting and other holes quite often.  On
> the other hand, rarely bugs in the Mozilla and Co. are reported.
> However, I believe that bugs are human -- without touching the
> philosophical question whether humans are no bugs ,-). So, bugs do
> also exist in Mozilla and Co, I assume.

bugzilla.mozilla.org lists plenty ...

> When I take now a look to Mozilla that is run on my Debian box, 
>   ruf ... /usr/lib/mozilla/mozilla-bin
>   ruf ...   \_ /usr/lib/mozilla/mozilla-bin
>   ruf ...       \_ /usr/lib/mozilla/mozilla-bin
>   ruf ...       \_ /usr/lib/mozilla/mozilla-bin
>   ruf ...       \_ /usr/lib/mozilla/mozilla-bin
>   ruf ...       \_ /usr/lib/mozilla/mozilla-bin
> Mozilla runs with my user id.  This I do not really appreciate.
> 
> So, my question is quite easy: wouldn't it be more secure if mozilla
> was installed by dselect/apt-get/dpkg with set-uid to nobody.nogroup?

No! nobody.nogroup should *never* own any files, ever, ever. It's
correct that Mozilla runs as your user id.

  nobody, nogroup

      Daemons that need not own any files run as user nobody and group
      nogroup. Thus, no files on a system should be owned by this user
      or group.

(Draft base-passwd documentation. Hm, possibly that warning should be
made more severe.)

> /* Of course, this would make impossible to download files into one's
>    home directory except it was world writable -- and caching files
>    would cause either more headache or the appropriate directory would
>    require world writability, too.
>    But Linux is quite often used on personal stations where only one
>    user account exists, e.g. on my laptop.  In this case, I would
>    prefer writing the downloaded files to /tmp all the time and having
>    world writable caches but would get little more security. */

It sounds like you want SE Linux, really ... googling for "SE Linux" or
"SE Linux Debian" should help. Much of its development is happening on
Debian. As I understand it, at the moment you'll need to be fairly
proficient to get it running well.

Alternatively, if you're just worried about losing vital personal files,
you might want to consider storing them in a revision control system
(or, of course, keeping good backups).

Cheers,

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to:

Follow-Ups:
- dhclient not working properly after failed network install
  - From: "Benedict Verheyen" <linux4bene@pandora.be>

References:
- Bugs in Browsers: Mozilla & Co. vs. Exploder
  - From: Lukas Ruf <ruf@rawip.org>

Prev by Date: Re: IMAP recommendations
Next by Date: Re: "Debian Way": libapache-mod-ssl & i586-optimized libssl
Previous by thread: Re: Bugs in Browsers: Mozilla & Co. vs. Exploder
Next by thread: dhclient not working properly after failed network install
Index(es):
- Date
- Thread