[RFC] User Accessible Filesystem Hierarchy Standard
Jamethiel Knorth
jamethknorth at hotmail.com
Wed Apr 7 01:36:24 UTC 2004
>Date: Tue, 6 Apr 2004 09:40:03 +0300
>From: "Doncho N. Gunchev" <mr700 at globalnet.bg>
>
>On Monday 05 April 2004 19:07, Robert Marcano wrote:
> > On Mon, 2004-04-05 at 11:30, Doncho N. Gunchev wrote:
> > > On Monday 05 April 2004 17:17, Michael A. Peters wrote:
> > > > ...
> > > > I personally don't like the idea.
> > > > If I want a bin directory in my home directory - export PATH=~/bin:$PATH
> > > >
> > > > The problem I see is security. A virus can not alter binaries it does
> > > > not have permission to alter, and that is why binaries, config files,
> > > > default templates, etc. should be installed with root ownership by the
> > > > root user.
> > > A virus/worm can damage only files owned by the user, so with
> > > or without binaries owned by the user who has run the virus/worm
> > > in her/his home, it can make the same damage. A virus/worm can make
> > > ~/.bin and also export PATH="~/.bin:$PATH" from your ~/.bashrc.
> > > What's the difference? The only way to stop the user from running
> > > untrusted applications is to mount /home and /tmp with noexec,
> > > which breaks some applications (rpmbuild, mc) :(
> > >
> >
> > But if the system allows a user to install shared applications without
> > any kind of authentication, a virus or worm can access the files of any
> > user, or it can start key loggers or any other garbage
> Shared for him/her only, not the whole system. These files will
> remain in the user's home directory only. There's no reason why another
> user should use them, or I did not get the idea right?
Actually, the idea does allow people to install shared programs. Part of the
purpose of this is that a user can install a shared program without
escalating their privileges. Of course, a system can be set up to prevent
this. The main advantage in a home environment is that, if a user does
install something, it needn't be installed with root permissions.
Looking at the current situation with Windows, it's fairly reasonable to
assume that regular users will intentionally install programs without
properly checking what they are and who made them. If they do this with root
privileges, the program could influence every portion of their system and
this could cause catastrophic problems.
However, if a user can install a shared program without ever having access
to system directories, the overall damage of installing malware would be
mitigated.
Due to this, I think that the shared directory would be an overall security
improvement. (Remembering of course that it probably wouldn't exist in a
corporate/lab environment)
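As an added, defender-side illustration of the two points argued above (user-owned directories on PATH versus noexec mounts for /home and /tmp), and not code from anyone in this thread: a POSIX sh audit that flags PATH entries the invoking user could plant binaries in, and a lookup of which mount options cover a given path. The function names and the /proc/mounts-style sample table are constructed for this example.

```shell
#!/bin/sh
# Added example, not from the thread: list PATH entries a non-root user (and so
# any malware running as that user) could plant binaries in, and look up whether
# a path sits on a noexec mount. Function names and sample data are constructed.

# audit_path "dir1:dir2:..." prints "<dir> <reason>" for each risky entry:
# relative (resolved against the cwd), world-writable, or user-writable.
audit_path() {
    old_ifs=$IFS; IFS=:
    for dir in $1; do
        [ -n "$dir" ] || dir=.       # an empty PATH element means "."
        case $dir in
            /*) ;;
            *)  printf '%s relative\n' "$dir"; continue ;;
        esac
        [ -d "$dir" ] || continue    # a missing directory cannot be abused yet
        if [ -n "$(find -H "$dir" -prune -perm -002 -print)" ]; then
            printf '%s world-writable\n' "$dir"
        elif [ -w "$dir" ]; then
            printf '%s user-writable\n' "$dir"
        fi
    done
    IFS=$old_ifs
}
# mount_opts_for PATH reads a /proc/mounts-style table on stdin and prints the
# options of the longest mount point containing PATH.
mount_opts_for() {
    awk -v p="$1" '
        $2 == "/" || p == $2 || index(p, $2 "/") == 1 {
            if (length($2) > best) { best = length($2); opts = $4 }
        }
        END { print opts }'
}

# is_noexec PATH (table on stdin) succeeds when that filesystem is noexec.
is_noexec() {
    case ",$(mount_opts_for "$1")," in *,noexec,*) return 0 ;; esac
    return 1
}
# Constructed sample table; for a live system feed /proc/mounts instead.
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
EOF
}
sample_mounts | is_noexec /home/alice/.bin && echo "/home is mounted noexec"
audit_path "$PATH"
```

On a real host, run `is_noexec /home/you/.bin < /proc/mounts` and `audit_path "$PATH"` to see whether the ~/.bin-plus-PATH trick described above would actually execute anything.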
More information about the fedora-devel-list mailing list