On Oct 7, 12:42 pm, Chris Chiasson <[EMAIL PROTECTED]> wrote:

Hello Chris,

> What about a virtualized system for each user?

Sure, that works, but it seems to be an extraordinary amount of work to
fix the problem. Down the road at least the public notebook on
sage.math will migrate to its own hardware, so it "solved" the problem
by using another box. If that box ever were to get compromised you
just reinstall from scratch. This problem is mostly hypothetical
because few actually have the skillset to break out of chroot and also
Sage is a very small target for now. That will (hopefully) change down
the road and if I were ever motivated to break into a math department
that would be running a public Sage notebook I would certainly know
where to look first. Once you force everybody to use accounts on a
Sage notebook there are easier targets out there.

Cheers,

Michael

>
> On Oct 6, 3:43 pm, mabshoff <[EMAIL PROTECTED]dortmund.de> wrote:
> > On Oct 6, 9:27 pm, Michel <[EMAIL PROTECTED]> wrote:
>
> > > > It helps a little, but getting from non-privileged shell to root shell
> > > > provided you have compilers isn't very hard.
>
> > Hello Michel,
>
> > > Do you claim any ordinary user can become root? I.e. that the
> > > unix security model is worthless? Surely this is not what you mean.
> > > Can you clarify?
>
> > What I mean with that is that with the current frequency of local
> > exploits reported with common operating systems, be it Linux, Windows,
> > MacOSX or whatever, the most difficult step is usually getting a local
> > [unprivileged] shell on the system one tries to penetrate. With a Sage
> > notebook installed, even in a change root environment, an attacker
> > already has a fully functioning python interpreter at his/her command
> > and via "system" a shell. So all it takes is an unpatched local
> > exploit and the box is pwned, assuming the attacker is reasonably
> > skilled.
>
> > In the past many security penetrations for Linux boxen have been
> > traced to old kernels and usually stolen credentials for non-
> > privileged user accounts. One prime example was the pwning of a lot
> > of Debian servers; I am sure the vast majority of breaches are never
> > reported or at least don't make it into the news. The same applies to
> > OSX and Windows and to a lesser extent to *BSD and Solaris, mostly
> > because the skill set to attack *BSD and Solaris is less common these
> > days.
>
> > > Regards,
> > > Michel
>
> > Cheers,
>
> > Michael


--~--~---------~--~----~------------~-------~--~----~
To post to this group, send email to sage-devel@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/sage-devel
URLs: http://sage.scipy.org/sage/ and http://modular.math.washington.edu/sage/
-~----------~----~----~----~------~----~------~--~---