Re: [Jailkit-dev] more jk_jailuser bugs

[Olivier Sessink]

Stephen Tallowitz wrote:

>>>> saves me a lot of work (and thus more time for the parallel init
>>>> program I'm writing  :)  )
>
>>
>>
>> You're not by any chance involved in
>> http://initng.thinktux.net/index.php/Main_Page, which has received a
>> huge interest in the gentoo community? Didn't see your name there.


no, I'm working for a Debian parallel boot loader that is still
compatible with the Linux Standard Base using standard SysV init
scripts, but the numbering of the runlevels scripts is now optimized by
a separate program, and the parallel boot is starting all programs with
a same order-number at the same time.


>> I think the security problem stems from the fact that builtin
>> commands/functions of a programming language are usually linked
>> against some system libraries. So any modifying a system library or
>> the progamming language executables and libraries to gain root access
>> or install a rootkit can be watched by the popular checksum watchers
>> (tripwire et al). Executing a shell command basically leaves open the
>> possibility of anyone putting in an alias such as mv="rm -rf /" or
>> mv="install-my-rootkit". And aliases are probably not what
>> checksum-programms look out for. There are probably many ways to
>> inject such an alias to the root-user, there need only be one
>> incorrectly configured service or directory on a computer.
>> jk_jailuser is always executed as root, so being just that little bit
>> more security conscious might not be a bad idea.


good point, I agree, we should not execute mv on behalf of user root.

regards,
        Olivier