LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Samium Gromoff <_deepfire@feelingofgreen.ru>
To: Kyle Moffett <mrmacman_g4@mac.com>
Cc: David Wagner <daw-usenet@taverner.cs.berkeley.edu>,
	LKML Kernel <linux-kernel@vger.kernel.org>,
	Samium Gromoff <_deepfire@feelingofgreen.ru>
Subject: Re: [PATCH] Undo some of the pseudo-security madness
Date: Mon, 22 Jan 2007 04:53:29 +0300	[thread overview]
Message-ID: <87lkjvvnc6.wl@betelheise.deep.net> (raw)
In-Reply-To: <1D317613-B0B6-4517-81B5-DBF3978FA413@mac.com>

At Sun, 21 Jan 2007 19:36:27 -0500,
Kyle Moffett wrote:
> 
> On Jan 21, 2007, at 18:34:56, David Wagner wrote:
> > [1] In comparison, suidperl was designed to be installed setuid- 
> > root, and it takes special precautions to be safe in this usage.   
> > (And even it has had some security vulnerabilities, despite its  
> > best efforts, which illustrates how tricky this business can be.)   
> > Setting the setuid-root bit on a large complex interpreter that  
> > wasn't designed to be setuid-root seems like a pretty dubious  
> > proposition to me.
> 
> Well, there's also the fact that Linux does *NOT* need suidperl, as  
> it has proper secure support for suid pound-bang scripts anyways.   
> The only reason for suidperl in the first place was broken operating  
> systems which had a race condition between the operating system  
> checking the suid bits and reading the '#! /usr/bin/perl' line in the  
> file, and the interpreter getting executed and opening a different  
> file (think symlink redirection attacks).  I believe Linux jumps  
> through some special hoops to ensure that can't happen.

Uh, this does not work, unfortunately in the Lisp case.

Lisp environments can produce standalone executables, which are

1. supposed to be runnable like a usual binary, without any additions
2. will suffer from the very same problem, as it merely is a
runtime bundled with the core file

(and the core file is unrelocatable)

> Kyle Moffett

regards, Samium Gromoff

  reply	other threads:[~2007-01-22  1:53 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-01-21 23:23 Samium Gromoff
2007-01-21 23:34 ` David Wagner
2007-01-22  0:36   ` Kyle Moffett
2007-01-22  1:53     ` Samium Gromoff [this message]
2007-02-24  9:40       ` Florian Weimer
2007-02-24 13:33         ` Samium Gromoff
2007-02-24 13:49           ` Florian Weimer
2007-01-22 15:20 ` Valdis.Kletnieks
2007-01-22 17:39   ` Samium Gromoff
2007-01-23  8:48     ` Pavel Machek
2007-01-23 14:03       ` Samium Gromoff
2007-01-23 15:41         ` Alan
2007-01-23 20:21           ` [PATCH 0/2] Mechanism to turn of ASR on a per-ELF binary basis Samium Gromoff
2007-01-23 20:28           ` [PATCH 1/2] Define the EF_AS_NO_RANDOM e_flag bit Samium Gromoff
2007-01-23 20:50             ` Jakub Jelinek
2007-01-23 21:06               ` Samium Gromoff
2007-01-23 21:16                 ` Jakub Jelinek
2007-01-23 21:54                   ` Samium Gromoff
2007-01-23 23:21                   ` Samium Gromoff
2007-01-24 17:08                     ` Pavel Machek
2007-01-29  1:18             ` Arjan van de Ven
2007-01-23 20:31           ` [PATCH 2/2] Make the EF_AS_NO_RANDOM e_flag bit disable PF_RANDOMIZE Samium Gromoff
2007-02-24  9:51           ` [PATCH] Undo some of the pseudo-security madness Florian Weimer
2007-02-24 13:36             ` Samium Gromoff
2007-01-31  9:59         ` Arjan van de Ven
2007-02-01  8:05           ` Florian Weimer
  -- strict thread matches above, loose matches on Subject: below --
2007-01-22  0:54 Samium Gromoff
2007-01-20 14:37 Samium Gromoff
2007-01-20 16:12 ` Samium Gromoff
2007-01-20 21:58 ` David Wagner
2007-01-21  2:16 ` Arjan van de Ven
2007-01-21 21:38   ` Samium Gromoff
2007-01-21 22:09   ` Samium Gromoff
2007-01-21 22:16     ` David Wagner
2007-01-22  0:35     ` Arjan van de Ven
2007-01-22  1:15       ` Samium Gromoff
2007-01-22 17:52       ` Samium Gromoff
2007-01-23  8:44         ` Pavel Machek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87lkjvvnc6.wl@betelheise.deep.net \
    --to=_deepfire@feelingofgreen.ru \
    --cc=daw-usenet@taverner.cs.berkeley.edu \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mrmacman_g4@mac.com \
    --subject='Re: [PATCH] Undo some of the pseudo-security madness' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).