Gentoo Archives: gentoo-user

From: Joerg Schilling <Joerg.Schilling@××××××××××××××××.de>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Re: Cdrtools installation without suid root
Date: Tue, 30 Apr 2013 08:53:26
Message-Id: 517f85ed.XfKrvdB9fqvEs1Js%Joerg.Schilling@fokus.fraunhofer.de
In Reply to: [gentoo-user] Re: Cdrtools installation without suid root by Nikos Chantziaras
Nikos Chantziaras <realnc@×××××.com> wrote:

> > Would you call someone who shoots himself into the foot "smart"?
> >
> > Recent Linux kernels support fcaps in the filesystems and "somebody" evil, who
> > knows what he does may even set up fcaps on executable files when the related
> > support-software is not installed, just because the unstable kernel interfaces
> > are accessible from libc.
> >
> > Do you like people to be able to open security holes?
>
> You don't know what my intentions are and why I want to disable libcap.
> I have my reasons. This happens because it is actually possible to
> disable it.

I explained why not having libcap by default is a security risk.

You would need to explain your reasons, I currently cannot see a valid
reason to exclude a very small piece of security relevant software.

> If you really don't like that, then you should probably make libcap
> mandatory. Assume it's there, and if it's not, the user should get
> compile errors.

If you don't like my explanations, you are free to explain your reasons.

> But as long as it's not mandatory, I have my reasons why I would want to
> disable it, just as I have my reasons why I would want to explicitly
> enable it. What if autodetection fails? If I use the appropriate
> "enable libcap" flag, and libcap is not there, or it's broken, or
> whatever, I don't want to get a build that's now insecure. I want the
> build to abort with a big, fat error.
>
> I think you're too used to binary distros and Solaris to appreciate the
> different requirements of source-based distros :-)

Solaris is source based too.....

The real difference to Linux is that Solaris uses a kernel that is
auto-adjusting to the hardware and usage because it is fully dynamically loaded
and because all parameters adjust themselves to any needed value as long as there
is enough kernel memory.

Linux has a large statically linked part and in theory you may be able to
compile it without capabilities, but then you would still need to have the
userland support-code available to permit userland programs to find out whether
the current kernel includes support or not.

...it is a matter of understanding security related constraints...

Jörg

--
EMail:joerg@××××××××××××××××××××××××.de (home) Jörg Schilling D-13353 Berlin
js@××××××××××××.de (uni)
joerg.schilling@××××××××××××××××.de (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
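
Added example, not part of the message above and not cdrtools code: on a system where libcap and getcap are not installed, file capabilities can still be audited by reading the security.capability extended attribute directly and decoding the kernel's vfs_cap_data layout. It goes beyond the thread in also accepting revision 3 of that layout; the function names and the default scan root /usr are assumptions.

```python
import os
import struct
import sys

# Capability names by bit number (linux/capability.h), CAP_ prefix dropped.
CAP_NAMES = ("chown dac_override dac_read_search fowner fsetid kill setgid setuid "
             "setpcap linux_immutable net_bind_service net_broadcast net_admin "
             "net_raw ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace "
             "sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time "
             "sys_tty_config mknod lease audit_write audit_control setfcap "
             "mac_override mac_admin syslog wake_alarm block_suspend audit_read "
             "perfmon bpf checkpoint_restore").split()
# Revision (top byte of magic_etc) -> number of 32-bit (permitted, inheritable) pairs.
PAIRS = {0x01000000: 1, 0x02000000: 2, 0x03000000: 2}

def names(mask):
    """Turn a 64-bit capability mask into a list of names."""
    return [CAP_NAMES[i] if i < len(CAP_NAMES) else f"cap_{i}"
            for i in range(64) if mask >> i & 1]

def parse_fcaps(blob):
    """Decode a security.capability xattr value (struct vfs_cap_data, little endian)."""
    if len(blob) < 4:
        raise ValueError("short xattr value")
    (magic,) = struct.unpack_from("<I", blob)
    rev = magic & 0xFF000000
    if rev not in PAIRS or len(blob) < 4 + 8 * PAIRS[rev]:
        raise ValueError(f"unknown revision or truncated value: {magic:#x}")
    words = struct.unpack_from(f"<{2 * PAIRS[rev]}I", blob, 4)
    permitted = sum(w << (32 * i) for i, w in enumerate(words[0::2]))
    inheritable = sum(w << (32 * i) for i, w in enumerate(words[1::2]))
    return {"effective": bool(magic & 1),          # VFS_CAP_FLAGS_EFFECTIVE
            "permitted": names(permitted), "inheritable": names(inheritable)}

def scan(root):
    """Yield (path, decoded caps) for every file under root that carries fcaps."""
    for d, _, files in os.walk(root):
        for f in files:
            path = os.path.join(d, f)
            try:
                blob = os.getxattr(path, "security.capability", follow_symlinks=False)
            except OSError:   # attribute absent, filesystem without xattrs, unreadable
                continue
            try:
                yield path, parse_fcaps(blob)
            except ValueError as e:
                yield path, {"error": str(e)}

if __name__ == "__main__":
    for path, caps in scan(sys.argv[1] if len(sys.argv) > 1 else "/usr"):
        print(path, caps)
```

Files reported with the effective flag set and a non-empty permitted list start with those privileges for any user who can execute them, so unexpected entries deserve the same review as unexpected suid-root binaries.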
