Hi again,

I couldn't resist and have read some messages, and I believe some people
are missing the point.

It's really easy:

There are many kinds of funny security things in a Linux/Unix
environment to protect the user from software failures (like typos rm ./
-> rm /) or attackers. People normally don't use the root account, are
building chroots for specific programs, some programs are getting
special rights or user accounts, or even stuff like selinux and grsecurity.
Portage/emerge also does some things, there are the digests which
ensure that the software fetched is not changed (again either by error
or an attacker) and there is the sandbox to ensure the
installation-scripts from the packages don't delete or overwrite files
they shouldn't (again either by error or an attacker).

But then there are the ebuilds and the eclasses. These are scripts often
changed and fetched unchecked from the internet.

And those are normally run as root.

And this normally happens on a daily or weekly basis.

So you have on the one side carefully crafted environments to protect
the system/user from software-failures or attackers, but on the other
side there is portage which is run regularly and is fetching scripts from
the internet which are run unchecked by root.

I think this explains why I don't understand that nobody cares about that.

Kind regards,

Alexander Holler

--
gentoo-security@g.o mailing list