[1027] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] Re: Possible bufferoverflow condition in lpr, xterm and xload

daemon@ATHENA.MIT.EDU (Daniel Roedding)
Tue Aug 20 08:22:36 1996

To: ralf@zoo.priv.at (Ralf Schlatterbeck)
Date: Tue, 20 Aug 1996 09:23:04 +0200 (MDT)
From: "Daniel Roedding" <daniel@fiction.pb.owl.de>
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <m0usZYT-0005xAC@zoo.priv.at> from "Ralf Schlatterbeck" at Aug 19, 96 09:00:04 pm

Hi!


Roger Wolff suggested:
> Maybe installation notes could mention "if you want you can remove the
> s-bit from this and that application", but I find the idea
> distributing s-bit programs without s-bits and thereby suggesting that
> s-bits can be tacked on to binaries very scary.....]

Personally, I'd wish to have a distribution kit that would ask me
whether I want an "merely open" or a "secure" system. For development
purposes or as a real end-user system, the current state of most
distributions (which I consider as "open") is okay, but systems to
be connected to open networks such as the Internet need more security,
and - simply said - less s-bit programs and pre-configured services
(/etc/inetd.conf etc.).

Is anybody out here who deals with distribution kits and their instal-
lation scripts? It shouldn't need much effort to separate binary
tree and configuration files and stuff them into two packages. Next
step just whould be to offer (at least) two configuration packages
alternatively, each with a configuration tree and a small installation
script setting/resetting some "critical" s-bits.

What do you think about this?

[REW: I mostly agree. Simply resetting s-bits is not something that
can easily be done "out of the box". Mount and ppp have config files
that allow certain users to perform certain privileged actions. These
should simply be bug-fixed until they actually are secure. I have an
internet-connected machine that simply uses the user-mount features.
I still like it to be secure. Another problem with your approach is
that the config files are (and should be) in the package that they
belong with. Maybe a diff to be later applied could change the
"security level"?]

Daniel


-- 
Daniel Roedding     daniel@fiction.pb.owl.de               INTJ
Padertown City      +49-5251-541965 voice, 541334 data     http://www.owl.de

home help back first fref pref prev next nref lref last post