Up2date and SysAdmin auth.

Stanley Allely eod76 at axint.net
Mon Aug 9 17:58:54 UTC 2004


Scot L. Harris wrote:

>On Mon, 2004-08-09 at 05:32, Stanley Allely wrote:
>  
>
>>I noticed that when I run up2date in fc2, that the sys admin auth. 
>>doesn't always go away immediately once it moves to package retrieval.  
>>Sometimes it takes several minutes before the "keys" disappear (yeah I 
>>use dial up).  I don't like to expose root online any longer than 
>>necessary, so can I safely click "forget authorization" as soon as 
>>up2date switches to package retrieval mode?  I don't want to mess up the 
>>update but then I also don't want to find I got a "surprise" with my 
>>upgrade.  How secure is the actual upgrade process?  BTW thank you list 
>>contributors, you've sometimes answered questions I didn't even know I had!
>>Stan
>>    
>>
>
>Good question.
>
>I would think up2date would still need root level permissions until the
>install process was completed.
>
>That being said, you may want to switch to using yum instead.  I have
>found yum updates to run much quicker than using up2date.  Not sure why
>as I believe up2date actually uses yum behind the scenes but maybe it
>adds some additional overhead.  You can still use the rhn applet to
>notify you of available updates and give you a quick list of what is
>available.  Just use yum to actually get the update directly instead of
>the up2date application.
>
>Probably the best thing you can do to secure your box is to disable
>any/all services you don't really need or use.  In addition run iptables
>and only open ports that you actually need.  
>
>If you were to encounter a problem during an update it would most likely
>be due to a hacked mirror server passing out trojan copies of
>programs.  Unfortunately there is not much you can do to protect
>yourself from that except wait a few days/weeks before upgrading
>something new (let others act as canaries (why did that make me think of
>Red Dwarf?) and try it before you unleash it on your box). 
>
>You could also run tools like iptraf or ethereal to monitor the
>connections on your system during such operations if you are really
>paranoid.   
>
>  
>
I do already run the full firewall with SPI, I just happened to notice 
that up2date closes the authorization before package retrieval is done, 
I'm just not sure how early is ok. I always thought it would require sys 
admin auth. all the way through, but it evidently does not.  I was just 
worried about somebody outside the update system hacking in a third 
party packet during the update process (like a rootkit), but I suppose 
that would qualify as a "new" packet under the iptables and get 
stopped?  The only open port I have in the system is http for internet 
access.  I guess it's the fact that root is open during updates, or as 
they say "Just because you're paranoid, doesn't mean someone is not out to 
get you" especially on line with  and all the other nasty gotchas being 
available.  And I've had good luck with the default up2date, and having 
watched the yum update thread I'll go with "if it ain't broke, don't 
fix it".
Thanks, Stan
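The thread leaves the "hacked mirror handing out trojan copies" question open. The check a practitioner would reach for is the package's GPG signature: Fedora's packages are signed, and rpm can verify that signature before anything is installed. Below is an added example (written for this page, not code from the thread or from the up2date/yum projects) of a small pre-install gate built on rpm's `-K` (`--checksig`) output. It assumes the classic one-line `rpm -K` format shown in the comments (and the newer `digests signatures OK` wording); the file paths in the usage comment are placeholders. The point it demonstrates is the easy mistake: an unsigned package also prints `OK` (for its digests only), so the gate must require the signature word, not just `OK`.

```shell
#!/bin/sh
# Added example: refuse to install an RPM unless rpm -K reports a good GPG
# signature. Assumed rpm -K output formats (classic rpm 4.x and newer rpm):
#   pkg.rpm: (sha1) dsa sha1 md5 gpg OK                        -> signed, key known
#   pkg.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#db42a60e)
#   pkg.rpm: sha1 md5 OK                                       -> NO signature at all
#   pkg.rpm: digests signatures OK                             -> newer rpm, signed
#   pkg.rpm: digests SIGNATURES NOT OK                         -> newer rpm, bad/missing key

# sig_status "<one rpm -K output line>" -> prints signed | unsigned | bad
# Order matters: "NOT OK" contains "OK", so it is tested first; a line that
# says OK without any signature word is a digest-only check, i.e. unsigned.
sig_status() {
    line=$1
    case "$line" in
        *"NOT OK"*)                                        echo bad ;;
        *" gpg OK"* | *" pgp OK"* | *" signatures OK"*)    echo signed ;;
        *OK*)                                              echo unsigned ;;
        *)                                                 echo bad ;;
    esac
}

# verify_rpm FILE -> exit status 0 only when FILE carries a good signature.
# rpm -K exits non-zero on NOT OK, so the text is classified instead of the
# exit code; this also catches the digest-only (unsigned) case that exits 0.
verify_rpm() {
    out=$(rpm -K "$1" 2>&1) || true
    [ "$(sig_status "$out")" = signed ]
}

# Typical use (placeholder spool path): install only what passed the gate.
#   for f in /var/spool/up2date/*.rpm; do
#       verify_rpm "$f" && rpm -Uvh "$f" || echo "refusing $f" >&2
#   done
```

The same check is what `gpgcheck=1` in `/etc/yum.conf` makes yum perform on every download; the script is only useful for packages fetched by hand or when you want to see the verdict before the install step runs. Note that a good signature proves the package came from whoever holds the signing key, not that it is bug-free, so it addresses the tampered-mirror case in the thread and nothing else.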

More information about the fedora-list mailing list