
Re: [RFC] User Accessible Filesystem Hierarchy Standard



Date: Tue, 6 Apr 2004 09:40:03 +0300
From: "Doncho N. Gunchev" <mr700 globalnet bg>

On Monday 05 April 2004 19:07, Robert Marcano wrote:
> On Mon, 2004-04-05 at 11:30, Doncho N. Gunchev wrote:
> > On Monday 05 April 2004 17:17, Michael A. Peters wrote:
> > > ...
> > > I personally don't like the idea.
> > > If I want a bin directory in my home directory - export PATH=~/bin:$PATH
> > >
> > > The problem I see is security. A virus can not alter binaries it does
> > > not have permission to alter, and that is why binaries, config files,
> > > default templates, etc. should be installed with root ownership by the
> > > root user.
> > A virus/worm can damage only files owned by the user, so with
> > or without binaries owned by the user who has run the virus/worm
> > in her/his home, it can make the same damage. A virus/worm can make
> > ~/.bin and also export PATH="~/.bin:$PATH" from your ~/.bashrc.
> > What's the difference? The only way to stop the user from running
> > untrusted applications is to mount /home and /tmp with noexec,
> > which breaks some applications (rpmbuild, mc) :(
> >
>
> But if the system allows a user to install shared applications without
> any kind of authentication, a virus or worm can access the files of any
> user, or it can start key loggers or any other garbage
Shared for him/her only, not for the whole system. These files will
remain in the user's home directory only. There's no reason why another
user should use them, or did I not get the idea right?

Actually, the idea does allow people to install shared programs. Part of the purpose of this is that a user can install a shared program without escalating their privileges. Of course, a system can be set up to prevent this. The main advantage in a home environment is that, if a user does install something, it needn't be installed with root permissions.


Looking at the current situation with Windows, it's fairly reasonable to assume that regular users will intentionally install programs without properly checking what they are and who made them. If they do this with root privileges, the program could influence every portion of their system and this could cause catastrophic problems.

However, if a user can install a shared program without ever having access to system directories, the overall damage of installing malware would be mitigated.

Due to this, I think that the shared directory would be an overall security improvement. (Remembering of course that it probably wouldn't exist in a corporate/lab environment)
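The thread's security argument rests on two concrete facts: a user-writable directory placed ahead of the system directories in PATH lets a user-owned binary shadow a system command, and the only filesystem-level countermeasure mentioned is mounting /home and /tmp with noexec. The following POSIX shell script is an added example written for this page, not code from anyone in the thread. It audits a PATH value for home-directory (or current-directory) entries that precede /bin, /usr/bin or /usr/local/bin, and checks /proc/mounts-style lines for /home and /tmp mounted without noexec. The PATH string and mount lines at the bottom are constructed sample data; the function names are the author's own.

```shell
#!/bin/sh
# Added example (not from the thread). Two read-only audit helpers that
# show where the risks discussed above would be visible on a system.

# path_shadowing_entries PATH HOME
# Print every PATH entry that lies under HOME (or is written as ~/...),
# plus empty or "." entries meaning "current directory", as long as it
# appears BEFORE the first system directory. Those are the positions
# from which a user-owned binary would shadow a system command.
path_shadowing_entries() {
    printf '%s\n' "$1" | tr ':' '\n' | awk -v home="$2" '
        $0 == "/bin" || $0 == "/usr/bin" || $0 == "/usr/local/bin" { sys = 1 }
        sys { next }
        $0 == "" || $0 == "."          { print "."; next }   # current dir
        index($0, home "/") == 1       { print; next }       # /home/user/...
        index($0, "~/") == 1           { print }             # literal ~/...
    '
}

# mounts_missing_noexec MOUNTS_TEXT
# MOUNTS_TEXT is in /proc/mounts format: "dev mountpoint fstype opts 0 0".
# Print /home and /tmp when their option list lacks "noexec".
mounts_missing_noexec() {
    printf '%s\n' "$1" | awk '
        $2 == "/home" || $2 == "/tmp" {
            n = split($4, opts, ",")
            has = 0
            for (i = 1; i <= n; i++) if (opts[i] == "noexec") has = 1
            if (!has) print $2
        }
    '
}

# Constructed sample data (not taken from any real machine).
SAMPLE_PATH="/home/alice/.bin:/usr/local/bin:/usr/bin:/bin:/home/alice/bin"
SAMPLE_MOUNTS="/dev/sda1 / ext3 rw 0 0
/dev/sda2 /home ext3 rw 0 0
tmpfs /tmp tmpfs rw,noexec,nosuid 0 0"

echo "== sample PATH: user entries ahead of system dirs =="
path_shadowing_entries "$SAMPLE_PATH" /home/alice      # /home/alice/.bin
echo "== sample mounts: /home or /tmp without noexec =="
mounts_missing_noexec "$SAMPLE_MOUNTS"                  # /home

# Live check of the current session, only where the inputs exist.
if [ -n "${HOME:-}" ]; then
    echo "== live PATH =="
    path_shadowing_entries "${PATH:-}" "$HOME"
fi
if [ -r /proc/mounts ]; then
    echo "== live mounts =="
    mounts_missing_noexec "$(cat /proc/mounts)"
fi
```

Note that `/home/alice/bin` in the sample is deliberately not reported: it sits after the system directories, so it cannot shadow them, which is exactly the configuration `export PATH=~/bin:$PATH` does not give you. The mount check only detects the absence of `noexec`; as the thread points out, enabling it breaks tools such as rpmbuild and mc, so the output is a finding to weigh, not a setting to apply blindly.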
