[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: trust [was Re: Open Xlock as root]



On Wed, 15 Dec 1999, Steve Langasek wrote:

> Well, because 'vlock -a' locks *all* the virtual consoles (and there's no
> magic key to break out of it--it wouldn't be a very good console lock if
> there was), the hammer the attacker would need to terminate the locked
> session would be one serious Hammer of Pok.  Specifically, the attacker
> would have to be able to reboot the machine.  So, if there's sufficient
> physical security in place, then vlock *is* resistant to such an attack.

If "there's sufficient physical security in place", then there is no need
to use vlock (or xlock or whatever-else-lock) at all. :)


On Thu, 16 Dec 1999, Michael K. Johnson wrote:

> In order to be safe from this particular form of abuse, it is at least
> necessary that untrusted users be unable to add the executable bit to
> any file, or make the executable bit meaningless in areas that the user
> can write.  That is most often done by mounting /home, /tmp, /var/tmp,
> etc. with the noexec option.

...and that is often a completely useless contermeasure thanks to a crowd
of interpreters (from sh to python) and other programs (e.g. Linux dynamic
linker) allowing the users to circumvent this restriction. :)


--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []