Le vendredi 07 décembre 2007 à 19:18 +0100, Martin Pitt a écrit : > Hi all, > > one thing that has bothered me for a long time already is the > complete lack of a security boundary between processes of the same > user. Things like LD_PRELOAD and ptrace() (IOW, gdb) are enabled by > default for all users, and especially for developers this is a good > thing. > > However, a lot of programs that we have deal with passwords and other > secrets which deserve some protection, like passwords you type into > ssh, screensavers, seahorse, etc.
> One easy solution that comes to my mind is to install those affected > programs setgid, and drop the additional group immediately after > program start with setgid(getgid()). For this we should introduce a > new static group into base-passwd, like "noptrace", to not abuse > existing groups and not confuse auditing tools. Given that it seems unlikely that we obtain another solution, should we start right now with that stuff? Colin, as base-passwd maintainer, do you have anything against creating such a group? Cheers, -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `- our own. Resistance is futile.
signature.asc
Description: Ceci est une partie de message numériquement signée
