
Re: Root privilege (SOLVED)



On Thu, Jan 11, 2007 at 04:06:01PM EST, Andrei Popescu wrote:
> On Thu, 11 Jan 2007 14:01:55 -0500
> cga2000 <cga2000@optonline.net> wrote:
> 
> > Well .. the malware could be the installer itself, no..?  It _is_
> > software after all.  If I was up to no good that's exactly where I'd
> > stick my mal-code..  only runs once .. under root, usually ..  does
> > its stuff .. removes itself.. and pop goes the weasel ..
> > 
> > Why should install programs run with the "extreme" privileges I
> > mentioned earlier when it is totally unnecessary in the first place?
> 
> Installers on linux are the exception not the rule.

Yes, but the "installing" function in a broad sense is at the root (pun
intended) of practically all vulnerabilities .. Even if you're
eavesdropping on transient data, you still need to install your sniffer
somewhere.

> > Besides, isn't this practice of switching to root whenever you
> > install a program in clear violation of the first -- 2nd, 3rd .. ?
> > principle of computer security .. ?? -- ie. users of a given system
> > should not be granted more privileges than necessary to perform the
> > tasks that fall within the scope of their position.  
> >
> > No reason I can think of why Joe Consultant should have read/write
> > access to the company's payroll files or other confidential data when
> > all he needs is permission to upgrade a couple of binaries in
> > usr/bin.  
> 
> But that's exactly it. Upgrading those binaries is a potential security
> problem ..

So is mopping up the floors in a timely manner..  Doesn't mean you want
the janitor to have the keys to the corporate safe.

> .. and it should be delegated only to responsible persons.

hence accountability -- sudo appears to do that .. but where's the
granularity..?

> > I'm not really convinced.  I'm no expert, but sudo does sound a bit
> > like the "dancing dog at the circus" to me ..  For one thing, KISS is
> > another fundamental principle where system security is concerned and
> > in this respect, sudo does not seem to go in the right direction.
> 
> AFAICT sudo is actually plugging some of the holes mentioned in that
> handbook. It has logging and you can delegate specific tasks or even
> single commands to specific users or groups.

sudo obviously has merits, especially in a multi-admin context.  But
as you suggest above .. it ends up feeling more like a collection of
band-aids than corrective surgery.   

Thanks for your comments.

cga
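
Added example, not part of the original message or of any poster's configuration: a sudoers fragment showing the blanket grant next to the single-command delegation with logging that the quoted reply describes. The user "joe", the drop-in file name and the wrapper path /usr/local/sbin/upgrade-tools are hypothetical.

```sudoers
# Constructed example. "joe" and /usr/local/sbin/upgrade-tools are hypothetical.
# Edit with: visudo -f /etc/sudoers.d/joe-upgrade
# (visudo checks the syntax before the file is saved)

# Accountability: record every sudo invocation in a file as well as syslog.
Defaults logfile="/var/log/sudo.log"

# Blanket grant, shown commented out: joe may run any command as any user.
# This is the "keys to the corporate safe" case from the thread.
# joe   ALL=(ALL) ALL

# Granular grant: joe may run exactly one command, as root only.
# The trailing "" means the command is allowed only with no arguments,
# so joe cannot pass options that change what the wrapper does.
Cmnd_Alias UPGRADE_TOOLS = /usr/local/sbin/upgrade-tools ""
joe   ALL=(root) UPGRADE_TOOLS

# The grant is only as narrow as the wrapper itself: it must be owned by
# root, not writable by joe, and must not offer a shell escape or run
# joe-controlled files. Otherwise this rule is equivalent to the blanket one.
```

`sudo -l -U joe`, run as root, lists what the rule actually permits for that user.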


