[gentoo-amd64] OT but something to think about (security and root paths)

[Duncan <1i5t5.duncan@cox.net>]

*ix vets should know this already, but I was thinking about it again 
today, wondering how many sysadmin (and every Gentoo system user with 
root access is effectively a sysadmin) newbies know it, thus this post.

No untrusted or non-root user should be able to set the path for root, or 
write to any directories found in that path.  If they can, or can 
otherwise convince a root user to run an executable that they can write 
to, they effectively already have root.

Something to think about when you are running as root.  Do you ever as 
root run scripts or other executables that a user has write access to?  
Are your system permissions and root path setup appropriately so you 
can't run them by default, perhaps when someone puts their own version of 
something like ls earlier in your path than the system version?  

Some cautious admins make it a practice to always use a full path when 
invoking a command as root.  That's a good practice, as far as it goes, 
but to be really effective, they must ensure no scripts or other commands 
they run as root, invoke anything else without full path either.  That's 
a tough one, even tougher than teaching yourself to always use a full 
path, so not so many bother.

Who knows, maybe this will prevent someone reading it from getting 
rooted.  Like I said, I was just thinking about it, and decided it might 
be something worth posting.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman

-- 
gentoo-amd64@lists.gentoo.org mailing list