[nylug-talk] Weakest Links

H. G. tekronis at gmail.com
Fri Aug 31 15:50:36 EDT 2007 

On 8/31/07, Ajai Khattri <ajai at bitblit.net> wrote:
>
> On Fri, 31 Aug 2007, H. G. wrote:
>
> > What I meant by "user separation" was the rights granted to "regular"
> users
> > and
> > "root"; ie, "regular users" cannot write to "bin:/sbin:
> /usr/bin:/usr/sbin",
> > therefore
> > they cannot directly modify binaries.
>
> And the problem with this is...???


That it isn't fine-grained enough.  (Sorry for sounding a skipped disc /
broken record...)

It isn't effective enough because each app that you run personally, runs
as your user, and this means that they all have access to each other's
configurations, rc files and directories within your user directory (and
whatever other resources your user has write access to).  They can
trample on each other's stuff, or inject things as directed by malicious
code.  The user permissions model is simply to "coarse" to distinguish
between them, though I do suppose you can go super crazy and create
a user for each app and run each app using 'sudo -u'....

There is nothing wrong with it, but its simply not enough (imho).

> Certainly true. But I'm referring to installed machines being used by
> > users "in the wild". Just the same way a Windows box gets compromised
> > post-installation when connected to a network, the same can conceivably
> > happen to a Linux machine.
>
> The difference is (or maybe "was") in Windows pretty much most of the
> services were switched on by default after an install and a lot of those
> services have long had exploits available for them merely by connecting
> to a port (hell, the GDI layer had some serious bugs that could infect the
> machine merely by viewing a carefully crafted image on a web page).
>
> > If for example, Joe buys an Ubuntu machine from Dell and installs the
> > latest Firefox.  An exploit was discovered for this "stable" version of
> > Firefox
>
> Though, to be fair, Firefox prompts users to update if that is switched on
> (I dont know if it is a default but its bugged me every day until I ran an
> update :-)
>
> > The Ubuntu team may discover this and issue
> > and alert while at the same time upgrading Firefox.  Even though his box
> > grabs the update, he has already been violated, and the "evil" is still
> > there,
> > for example as a .rc file for certain other apps Joe may possibly run.
>
> Its possible Im sure but that might not be a good example, web browsers
> are generally not given access to local files (even applets have to ask
> for permission from the user).


I was just using it as an example of a common app thats very likely to be used
by Average User Joe (not meant in a condescending way).

> Basically the same way that ZFS changed the game by being not simply just
> > another filesystem, but a full-on amalgamation of volume manager, RAID
> > _and_ filesystem, I think we're about due for the same sort of
> phenomenon
> > in terms of security.  Whats good is that products like these are
> already in
> > existence, but I just want to see them a bit more widespread.
>
> So Use The Source - approach your fave distro and contribute patches,
> become a tester and/or developer, get on a mailing list and talk about it.
>
>
>
> --
> Aj.
>
>
> _____________________________________________________________________________
> Hire expert Linux talent by posting jobs here :: http://jobs.nylug.org
> The nylug-talk mailing list is at nylug-talk at nylug.org
> The list archive is at http://nylug.org/pipermail/nylug-talk
> To subscribe or unsubscribe: http://nylug.org/mailman/listinfo/nylug-talk
>

More information about the nylug-talk mailing list