Gentoo Archives: gentoo-security

From: "Johnson
To: gentoo-security@l.g.o, gentoo-security@l.g.o
Subject: RE: [gentoo-security] Running untrusted software
Date: Wed, 18 Jan 2006 15:34:58
1 A good host based IDS (file integrity monitoring system) would record any system level changes made. IT should be fairly trivial to start of with a sterile environment prior to running your CSA and inspecting the environment afterwards.
3 Try Tripwire or AID.
6 -----Original Message-----
7 From: Douglas Breault Jr. on behalf of Douglas Breault Jr
8 Sent: Wed 1/18/2006 8:58 AM
9 To: gentoo-security@l.g.o
10 Cc:
11 Subject: [gentoo-security] Running untrusted software
13 Hash: RIPEMD160
15 Hello,
17 I am being forced to run software on my computer that I do not
18 inherently trust. It is supposed to collect a few pieces of information,
19 mainly my mac addresses and use the network. It is a one-time use CSA
20 (client security agent). It uses a csh script to unpack a "proprietary
21 binary" that we cannot see the source. There is no assurance it doesn't
22 collect other information or change anything on my computer.
24 I was curious as to what is the best way to handle this and situations
25 like these. In this instance, I was assuming downloading, and running on
26 a LiveCD would seem like the best policy. What if it uses methods to
27 discover that and I need to run it on my real installation? Is a chroot
28 jail the next best thing? As far as I know, to make a chroot jail I
29 merely copy programs and libraries inside a folder with the proper /
30 hierarchy and chroot into it. Is it more complex than this and are there
31 any guides?
33 Any and all suggestions are welcome.
35 Thank you,
36 Douglas Breault Jr.
38 - --
39 How do I know the past isn't fiction designed to account for the discrepancy
40 between my immediate physical sensations and my state of mind?
42 /~\ The ASCII Douglas Breault Jr. <GenKreton at comcast dot net>
43 \ / Ribbon Campaign GnuPG public key ID: C4E44A19 (
44 X Against HTML Key fingerprint:
45 / \ Email! 21C3 F37D A8F5 1955 05F2 9A69 92A0 C177 C4E4 4A19
47 Version: GnuPG v1.4.2 (GNU/Linux)
49 iD8DBQFDzleMkqDBd8TkShkRA1l4AKC2W54KDDwSN9MXKzodtN+v917BHgCfVsZJ
50 TPF6ZYn/ynJ5F9HZ45EtuPs=
51 =yPaH
52 -----END PGP SIGNATURE-----
53 --
54 gentoo-security@g.o mailing list


Subject Author
Re: [gentoo-security] Running untrusted software Oliver Schad <o.schad@×××.de>