Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Oliver Schad <o.schad@...>
Subject: Re: Running untrusted software
Date: Wed, 18 Jan 2006 16:14:58 +0100
Am Mittwoch, 18. Januar 2006 15:58 schrieb mir Douglas Breault Jr:
> I am being forced to run software on my computer that I do not
> inherently trust. It is supposed to collect a few pieces of
> information, mainly my mac addresses and use the network. It is a
> one-time use CSA (client security agent). It uses a csh script to
> unpack a "proprietary binary" that we cannot see the source. There is
> no assurance it doesn't collect other information or change anything
> on my computer.

If you don't trust this software don't use it in trusted environment 
which includes trusted system and trusted network.

> I was curious as to what is the best way to handle this and
> situations like these. In this instance, I was assuming downloading,
> and running on a LiveCD would seem like the best policy. 

Is your host in a trusted network?

> What if it 
> uses methods to discover that and I need to run it on my real
> installation? Is a chroot jail the next best thing? 

>From a chroot environment you can easily escape on a standard kernel. 
Grsec offers a real chroot jail.

> As far as I know, 
> to make a chroot jail I merely copy programs and libraries inside a
> folder with the proper / hierarchy and chroot into it. Is it more
> complex than this and are there any guides?

# esearch jail

Best Regards
Oli

-- 
gentoo-security@g.o mailing list


Replies:
Re: Running untrusted software
-- Panagiotis Atmatzidis
Re: Running untrusted software
-- Douglas Breault Jr
References:
Running untrusted software
-- Douglas Breault Jr
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Running untrusted software
Next by thread:
Re: Running untrusted software
Previous by date:
Running untrusted software
Next by date:
RE: Running untrusted software


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.