Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Douglas Breault Jr <GenKreton@...>
Subject: Re: Running untrusted software
Date: Wed, 18 Jan 2006 10:29:47 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

I need to run this CSA in order to gain access to the network. I don't
trust the network much either, but I am always using OpenVPN, which I
trust completely. Currently I can access the network, and ergo my vpn
without this, but after the 26th that all changes.

I will definitely look into grsec but it seems complicated. Regardless I
require a viable solution and I will take the steps necessary,
regardless of complication.

Is there a way to try and trace what the binary wants to do? I'm aware i
could run strace on it and ethereal to capture what it transmits... But
is there more I can do?

Thanks,
Douglas Breault Jr.



Oliver Schad wrote:
> Am Mittwoch, 18. Januar 2006 15:58 schrieb mir Douglas Breault Jr:
>> I am being forced to run software on my computer that I do not
>> inherently trust. It is supposed to collect a few pieces of
>> information, mainly my mac addresses and use the network. It is a
>> one-time use CSA (client security agent). It uses a csh script to
>> unpack a "proprietary binary" that we cannot see the source. There is
>> no assurance it doesn't collect other information or change anything
>> on my computer.
> 
> If you don't trust this software don't use it in trusted environment 
> which includes trusted system and trusted network.
> 
>> I was curious as to what is the best way to handle this and
>> situations like these. In this instance, I was assuming downloading,
>> and running on a LiveCD would seem like the best policy. 
> 
> Is your host in a trusted network?
> 
>> What if it 
>> uses methods to discover that and I need to run it on my real
>> installation? Is a chroot jail the next best thing? 
> 
>>From a chroot environment you can easily escape on a standard kernel. 
> Grsec offers a real chroot jail.
> 
>> As far as I know, 
>> to make a chroot jail I merely copy programs and libraries inside a
>> folder with the proper / hierarchy and chroot into it. Is it more
>> complex than this and are there any guides?
> 
> # esearch jail
> 
> Best Regards
> Oli
> 


- --
How do I know the past isn't fiction designed to account for the discrepancy
between my immediate physical sensations and my state of mind?

/~\ The ASCII        Douglas Breault Jr. <GenKreton at comcast dot net>
\ / Ribbon Campaign  GnuPG public key ID: C4E44A19 (pgp.mit.edu)
 X  Against HTML     Key fingerprint:
/ \ Email!           21C3 F37D A8F5 1955 05F2  9A69 92A0 C177 C4E4 4A19
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDzl7okqDBd8TkShkRAyY9AKDfJlalc++hxQO7C2c05UWquNfZxACg1h56
Z3g7bxK1AowT9FL+B2mXq0c=
=rmk5
-----END PGP SIGNATURE-----
-- 
gentoo-security@g.o mailing list


Replies:
Re: Running untrusted software
-- Brandon Edens
Re: Running untrusted software
-- Oliver Schad
References:
Running untrusted software
-- Douglas Breault Jr
Re: Running untrusted software
-- Oliver Schad
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Running untrusted software
Next by thread:
Re: Running untrusted software
Previous by date:
RE: Running untrusted software
Next by date:
Re: Running untrusted software


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.