[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Taper
>>>>> "ps" == Paul Sims <psims [at] lombard.co.uk> writes:
ps> The advice is snipped direct from the FAQ.
Which FAQ? Taper's? Do you believe every hack you read about in a
FAQ is a good idea? It is really common for application programmers
to subvert best practice in favor of convenience. In this case it's
OK as far as I can tell, as I already said; I just wanted to point out
that as a general matter it's not a good idea to subvert PATH
restrictions, especially if you don't understand the rationale. And
when you do so, you should leave a trace behind so that you or another
admin will be able to figure out that was done.
Furthermore, it's a simple solution with obvious generalization to
similar situations; but those might involve security or administrative
problems.
A classic example of this is the default setting of SEARCH_HERE_FIRST
in Ghostscript. From the 6.01 Makefile (I first bitched about this in
Ghostscript 2.4.1, btw, and Peter gave me a clearly well-rehearsed
response very similar to the comment, so I was by no means the first):
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
# and confusion problems, but users insist on it.
# NOTE: this also affects searching for files named on the command line:
# see the "File searching" section of Use.htm for full details.
# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
SEARCH_HERE_FIRST=1
I have actually seen a personal data retrieval exploit for this,
packaged as initialization code in a PDF file. (It was constructed by
one of the "good guys," not found in the wild.) I think you might be
able to find it on CERT somewhere, but I don't remember where I saw
it.
Once again, the security argument doesn't apply to taper, as I already
pointed out indirectly. There's no real reason not to move stuff
between bin and sbin on an FHS-conformant system. But that might not
be true where the admin wanted to try to enforce "security through
obscurity".
--
University of Tsukuba Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Institute of Policy and Planning Sciences Tel/fax: +81 (298) 53-5091
_________________ _________________ _________________ _________________
What are those straight lines for? "XEmacs rules."
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word
"unsubscribe" in the body of the message.
GNU the choice of a complete generation.
- References:
- RE: Taper
- From: "Paul Sims" <psims [at] lombard.co.uk>