Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: <gentoo-security@g.o>, <gentoo-security@g.o>
From: "Johnson, Maurice E CTR NSWCDL-K74" <maurice.e.johnson1.ctr@...>
Subject: RE: Running untrusted software
Date: Wed, 18 Jan 2006 09:24:13 -0600
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=Windows-1252">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.0.6603.0">
<TITLE>RE: [gentoo-security] Running untrusted software</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->

<P><FONT SIZE=2>A good host based IDS&nbsp; (file integrity monitoring system) would record any system level changes made. IT should be fairly trivial to start of with a sterile environment prior to running your CSA and inspecting the environment afterwards.<BR>
<BR>
Try Tripwire or AID.<BR>
<BR>
<BR>
-----Original Message-----<BR>
From:&nbsp;&nbsp; Douglas Breault Jr. on behalf of Douglas Breault Jr<BR>
Sent:&nbsp;&nbsp; Wed 1/18/2006 8:58 AM<BR>
To:&nbsp;&nbsp;&nbsp;&nbsp; gentoo-security@g.o<BR>
Cc:&nbsp;&nbsp;&nbsp;&nbsp;<BR>
Subject:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [gentoo-security] Running untrusted software<BR>
-----BEGIN PGP SIGNED MESSAGE-----<BR>
Hash: RIPEMD160<BR>
<BR>
Hello,<BR>
<BR>
I am being forced to run software on my computer that I do not<BR>
inherently trust. It is supposed to collect a few pieces of information,<BR>
mainly my mac addresses and use the network. It is a one-time use CSA<BR>
(client security agent). It uses a csh script to unpack a &quot;proprietary<BR>
binary&quot; that we cannot see the source. There is no assurance it doesn't<BR>
collect other information or change anything on my computer.<BR>
<BR>
I was curious as to what is the best way to handle this and situations<BR>
like these. In this instance, I was assuming downloading, and running on<BR>
a LiveCD would seem like the best policy. What if it uses methods to<BR>
discover that and I need to run it on my real installation? Is a chroot<BR>
jail the next best thing? As far as I know, to make a chroot jail I<BR>
merely copy programs and libraries inside a folder with the proper /<BR>
hierarchy and chroot into it. Is it more complex than this and are there<BR>
any guides?<BR>
<BR>
Any and all suggestions are welcome.<BR>
<BR>
Thank you,<BR>
Douglas Breault Jr.<BR>
<BR>
- --<BR>
How do I know the past isn't fiction designed to account for the discrepancy<BR>
between my immediate physical sensations and my state of mind?<BR>
<BR>
/~\ The ASCII&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Douglas Breault Jr. &lt;GenKreton at comcast dot net&gt;<BR>
\ / Ribbon Campaign&nbsp; GnuPG public key ID: C4E44A19 (pgp.mit.edu)<BR>
&nbsp;X&nbsp; Against HTML&nbsp;&nbsp;&nbsp;&nbsp; Key fingerprint:<BR>
/ \ Email!&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 21C3 F37D A8F5 1955 05F2&nbsp; 9A69 92A0 C177 C4E4 4A19<BR>
-----BEGIN PGP SIGNATURE-----<BR>
Version: GnuPG v1.4.2 (GNU/Linux)<BR>
<BR>
iD8DBQFDzleMkqDBd8TkShkRA1l4AKC2W54KDDwSN9MXKzodtN+v917BHgCfVsZJ<BR>
TPF6ZYn/ynJ5F9HZ45EtuPs=<BR>
=yPaH<BR>
-----END PGP SIGNATURE-----<BR>
--<BR>
gentoo-security@g.o mailing list<BR>
<BR>
<BR>
</FONT>
</P>

</BODY>
</HTML>
Replies:
Re: Running untrusted software
-- Oliver Schad
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Running untrusted software
Next by thread:
Re: Running untrusted software
Previous by date:
Re: Running untrusted software
Next by date:
Re: Running untrusted software


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.