Re: Root privilege (SOLVED)
On Thu, Jan 11, 2007 at 04:06:01PM EST, Andrei Popescu wrote:
> On Thu, 11 Jan 2007 14:01:55 -0500
> cga2000 <cga2000@optonline.net> wrote:
>
> > Well .. the malware could be the installer itself, no..? It _is_
> > software after all. If I was up to no good that's exactly where I'd
> > stick my mal-code.. only runs once .. under root, usually .. does
> > its stuff .. removes itself.. and pop goes the weasel ..
> >
> > Why should install programs run with the "extreme" privileges I
> > mentioned earlier when it is totally unnecessary in the first place?
>
> Installers on linux are the exception not the rule.
Yes, but the "installing" function in a broad sense is at the root (pun
intended) of practically all vulnerabilities .. Even if you're
eavesdropping on transient data, you still need to install you sniffer
somewhere.
> > Besides, isn't this practice of switching to root whenever you
> > install a program in clear violation of the first -- 2nd, 3rd .. ?
> > principle of computer security .. ?? -- ie. users of a given system
> > should not be granted more privileges than necessary to perform the
> > tasks that fall within the scope of their position.
> >
> > No reason I can think of why Joe Consultant should have read/write
> > access to the company's payroll files or other confidential data when
> > all he needs is permission to upgrade a couple of binaries in
> > usr/bin.
>
> But that's exactly it. Upgrading those binaries is a potential security
> problem ..
So is mopping up the floors in a timely manner.. Doesn't mean you want
the janitor to have the keys to the corporate safe.
> .. and it should be delegated only to responsible persons.
hence accountability -- sudo appears do that .. but where's the
granularity..?
> > I'm not really convinced. I'm no expert, but sudo does sound a bit
> > like the "dancing dog at the circus" to me .. For one thing, KISS is
> > another fundamental principle where system security is concerned and
> > in this respect, sudo does not seem to go in the right direction.
>
> AFAICT sudo is actually plugging some of the holes mentioned in that
> handbook. It has logging and you can delegate specific tasks or even
> single commands to specific users or groups.
sudo obviously has merits, especially in a multi-admin context. But
as you suggest above .. it ends up feeling more like a collection of
band-aids than corrective surgery.
Thanks for your comments.
cga
Reply to: