Re: R: Linux kernel source archive vulnerable

On Sep 11, 2006, at 14:29:58, Jon Lewis wrote:

On Fri, 8 Sep 2006, Perego Paolo Franco wrote:

Anyway just few considerations:

2) a good sysadmin is aware that /usr/src is NOT supposed to be world writable

For some reason (bug in how they're being checked out of git, I assume), the latest kernel source tar files have all files and directories world writable. This is not how it's been in the past and is not how it should be.

-ENOBUG

Please see these threads and quit bringing up this topic like crazy:
http://marc.theaimsgroup.com/?l=linux-kernel&m=113304241100330&w=2
http://marc.theaimsgroup.com/?l=linux-kernel&m=114635639325551&w=2

To quote:

Going over old ground again, any administrator a) compiling the kernel as root or b) relying on GNU tar to make _security_policy_decisions_ is completely insane.

The only "trick" here is tar's decision not to apply umask, or root uid/gid, to files in a tar when extracted as root. This might make sense for tars that you created and want to extract again (say restoring a backup), but it certainly NEVER makes sense for files downloaded off the Internet.

So if you must cause a senseless hubbub on securityfocus.com, please don't spill it over onto LKML. This sort of thing is at _worst_ a bug in GNU tar that it's behavior is different when root. I run a linux system with SELinux where user 0 is no different than any other user and has no special permissions at all, and this kind of stupidity bites me a lot. My user 0 is "kyle" when I want to chown files I switch to the "sysadm" role, or if I absolutely need to override security policy for some reason I jump through hoops to get to the "root" role. In neither of those cases do I care what UID I am.

So either deal insecure permissions when you can't be bothered to use GNU tar securely (easy), don't compile your kernel as root (easier) or fix GNU tar not to assume UID 0 is God in the first place.

Cheers,
Kyle Moffett
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: R: Linux kernel source archive vulnerable
    • From: [email protected] (David Wagner)
  • Re: Linux kernel source archive vulnerable
    • From: Willy Tarreau <[email protected]>

• References:
  • Re: R: Linux kernel source archive vulnerable
    • From: Jon Lewis <[email protected]>

• Prev by Date: Re: Opinion on ordering of writel vs. stores to RAM
• Next by Date: Re: What's in libata-dev.git
• Previous by thread: Re: R: Linux kernel source archive vulnerable
• Next by thread: Re: Linux kernel source archive vulnerable
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]