[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?



On 2009-11-19 10:23:53 AM, Till Maas wrote:
> So at least one major security protection measure is not in place and
> attackers can create their own repositories with signed packages that
> have well known security flaws, e.g. a package with a bad setuid root
> binary, and install it, if it is not already installed in a newer
> version.
I might be wrong on this, but wouldn't the attacker need to trick 
yum/packagekit into using the malicious repo first?  I didn't think that 
was allowed for non-root users.

Note that even if the repomd.xml files were signed, it'd be easy for an 
attacker to just take an old one with a valid signature and host a repo 
with outdated packages.  I thought metalink 
(https://mirrors.fedoraproject.org/metalink?repo=updates-released-f12&arch=x86_64) 
over https was supposed to address the problem of outdated repos though.

Thanks,
Ricky

Attachment: pgpPidGM3iMWw.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]