On Thu, Jan 11, 2007 at 04:06:01PM EST, Andrei Popescu wrote:
> On Thu, 11 Jan 2007 14:01:55 -0500
> cga2000 <[EMAIL PROTECTED]> wrote:
>
> > Well .. the malware could be the installer itself, no..? It _is_
> > software after all. If I was up to no good that's exactly where I'd
> > stick my mal-code.. only runs once .. under root, usually .. does
> > its stuff .. removes itself.. and pop goes the weasel ..
> >
> > Why should install programs run with the "extreme" privileges I
> > mentioned earlier when it is totally unnecessary in the first place?
>
> Installers on linux are the exception not the rule.

Yes, but the "installing" function in a broad sense is at the root (pun
intended) of practically all vulnerabilities .. Even if you're
eavesdropping on transient data, you still need to install your sniffer
somewhere.

> > Besides, isn't this practice of switching to root whenever you
> > install a program in clear violation of the first -- 2nd, 3rd .. ?
> > principle of computer security .. ?? -- ie. users of a given system
> > should not be granted more privileges than necessary to perform the
> > tasks that fall within the scope of their position.
> >
> > No reason I can think of why Joe Consultant should have read/write
> > access to the company's payroll files or other confidential data when
> > all he needs is permission to upgrade a couple of binaries in
> > usr/bin.
>
> But that's exactly it. Upgrading those binaries is a potential security
> problem ..

So is mopping up the floors in a timely manner.. Doesn't mean you want
the janitor to have the keys to the corporate safe.

> .. and it should be delegated only to responsible persons.

hence accountability -- sudo appears to do that .. but where's the
granularity..?

> > I'm not really convinced. I'm no expert, but sudo does sound a bit
> > like the "dancing dog at the circus" to me .. For one thing, KISS is
> > another fundamental principle where system security is concerned and
> > in this respect, sudo does not seem to go in the right direction.
>
> AFAICT sudo is actually plugging some of the holes mentioned in that
> handbook. It has logging and you can delegate specific tasks or even
> single commands to specific users or groups.

sudo obviously has merits, especially in a multi-admin context. But as
you suggest above .. it ends up feeling more like a collection of
band-aids than corrective surgery.

Thanks for your comments.

cga