[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Help! Grub is broken

On Sat, 21 Mar 2009 02:58:13 -0700
Thorny <thorntreehome@gmail.com> wrote:

...

> Naturally any of this is opinion on both sides. It isn't really possible
> for me to give data that shows something doesn't exist. And, you have
> no reason to believe me or anyone else but will you please review this
> article by Rick Moen, he makes a cogent argument.
> 
> http://linuxmafia.com/~rick/faq/index.php?page=virus
> 
> If after reviewing it you still think you are correct, aside from possible
> semantic differences about the definition of virus, cone back and I
> suppose we can try to discuss further or agree to disagree. Otherwise, I

One serious flaw in his article is that he doesn't consider the case of
users who have full passwordless sudo enabled for their normal user
account (some_user ALL = NOPASSWD: ALL).  I know this is not the
safest, most paranoid setup, but I suspect that it's fairly common.
Moen argues that:

"Last, you say, surely sysadmins stupid enough to take dangerous
actions as root must be becoming the norm instead of a rarity, given
Linux's current explosive growth — thus undermining the whole security
model. This, too, is true — but there are powerful forces at work to
educate new sysadmins: The administrative tools, themselves, tend to
stress that the root account is dangerous and should be used minimally
and carefully, as does Linux's new-user documentation. Also, those
sysadmins resistant to learning this message via such avenues
inevitably learn it the hard way, by destroying or crippling their
systems repeatedly — until they learn. In that regard, viruses do not
even stand out from the general likelihood of repeatedly destroying
one's system, until one learns to not do unwise things as root. The
difference between "hostile" executables (such as viruses) and others
is academic, when a root-account user can already shoot off his/her
foot or other vital parts, with one of myriad, brief commands. Put the
other way, the same survival skills by which you, as a novice sysadmin,
will cease destroying your system directly will also, more generally,
dissuade you from doing unwise things as root, thereby incidentally
keeping viruses and their kin off your system.

Or, put a third way, the Linux community would see no real distinction
between novices who (as root) infect their systems (if this should ever
happen to significant numbers of them), and those who accidentally type
some variation on "rm -rf /" (delete all files) while logged in as
root: Both are a result of inexperience and lack of caution. In both
cases, education, attention, and experience are a 100% effective cure."

But this equivalence between insecure systems and those likely to fall
victim to an accidental "rm -rf /" breaks down for the above case,
since accidents become much less likely, but a virus can still do
whatever it wants by prefacing its actions with 'sudo'.

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Reply to: