Re: stuff in ~/bin won't run

To: debian-user@lists.debian.org
Subject: Re: stuff in ~/bin won't run
From: Sven Joachim <svenjoac@gmx.de>
Date: Tue, 13 Jan 2009 20:43:59 +0100
Message-id: <[🔎] 87hc439ekg.fsf@turtle.gmx.de>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 496CEB57.7080904@gmail.com> (Daryl Styrk's message of "Tue, 13 Jan 2009 14:28:23 -0500")
References: <[🔎] 20090113111049.37025ec7@teksavvy.com> <[🔎] 880dece00901130813y69b94318l78299b555f74809a@mail.gmail.com> <[🔎] 880dece00901130815r4aab79a5m31ecb62dbc74fd30@mail.gmail.com> <[🔎] 537f90650901131023v3787f6f1v1ed59316ecda7a52@mail.gmail.com> <[🔎] 496CE436.5000203@gmail.com> <[🔎] 880dece00901131108l5ca62bf2q3f321e95d6f3c4e4@mail.gmail.com> <[🔎] 496CEB57.7080904@gmail.com>

On 2009-01-13 20:28 +0100, Daryl Styrk wrote:

> "This is unsafe because you are trusting that your own version of the
> more command works properly. But it is also risky for a more important
> reason: system security. If your PATH is set up in this way, you leave
> open a "hole" that is well known to computer crackers and mischief
> makers: they can install "Trojan horses" and do other things to steal
> files or do damage."

The book in general is not so bad, but this statement, in fact the whole
paragraph, is just nonsense.

> There is a senerio that goes on to detail how a user with a suid script
> in their personal bin directory before a public bin.  Creating a Trojan
> that looks for a common utility such as grep..

For one thing, the suid bit is ignored for scripts on Linux.  And your
~/bin directory should never be writable by other people.

> The example script..
> "cp /bin/bash filenamechown root filenamechmod 4755 filename/bin/grep
> "$@"rm ~/bin/grep"

Will just not work, unless the user executing the script is root.

> "Sits back and waits for the user to run the suid shell script—which
> calls the Trojan horse, which in turn creates the suid shell and then
> self-destructs."
>
> If you have the book I'm looking at chapter 10. 10.3.2 to be exact.

Do you have the third edition?  The second edition which I own does not
have sections inside the chapters numbered.

Sven

Reply to:

References:
- stuff in ~/bin won't run
  - From: JoeHill <joehill@teksavvy.com>
- Re: stuff in ~/bin won't run
  - From: "Dotan Cohen" <dotancohen@gmail.com>
- Re: stuff in ~/bin won't run
  - From: "Dotan Cohen" <dotancohen@gmail.com>
- Re: stuff in ~/bin won't run
  - From: "Mike Castle" <dalgoda+debian@gmail.com>
- Re: stuff in ~/bin won't run
  - From: Daryl Styrk <darylstyrk@gmail.com>
- Re: stuff in ~/bin won't run
  - From: "Dotan Cohen" <dotancohen@gmail.com>
- Re: stuff in ~/bin won't run
  - From: Daryl Styrk <darylstyrk@gmail.com>

Prev by Date: Re: Master/slave ??
Next by Date: Re: stuff in ~/bin won't run
Previous by thread: Re: stuff in ~/bin won't run
Next by thread: Re: stuff in ~/bin won't run
Index(es):
- Date
- Thread