[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Sudo from scripts



On Mon, Nov 17, 2008 at 05:42:45PM +0000, g wrote:
> Hash: SHA1
> 
> Jerry Feldman wrote:
> 
> > Giving root ownership to a script IMHO is a security issue.
> 
> this is true. i have always wondered why nothing has ever been coded to check
> 'chown' to insure that such is only done by those who have proper authority.
> 
> > Actually, the backup 
> > script probably should have been run as root via a root crontab in the 
> > first place.
> 
> many times, backups need be run by a 'user', but they should only be allowed
> to back up their own files.
> 
> yet there is a big hole in that 'user' can backup a lot of 'system' files.
> another problem and potential breach of security. i hope that such as this
> would be covered by selinux, but i do not believe it has.

Backing up those (system) files that a user can just read in the normal
set of events is not a security issue.   The serious risk is on the
restore side of things.   For example /etc/passwd needs to be +read
for the world by contrast /etc/shadow cannot be read.

Interpreted programs -- bash, perl, python must be +read!   Note that 
the run time load/linker must read information from binary objects.
In fact it must do a bit of editing -- see also prelink.
It might be possible to add attributes to each section of an object
(see objdump) such that specific read write bits and security 
attributes exist and are enforced per section (I do not recommend such
an RFE). 

There may be an issue if software is purchased and unauthorized copies leave
the building but that is a different component of security.
 

-- 
	T o m  M i t c h e l l 
	Found me a new hat, now what?


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]