From: Hubert Chan <hubert@uhoreg.ca>
To: reiserfs-list@namesys.com
Subject: Re: A bold idea (Re: Carrying Attributes too Far)
Date: Fri, 05 Dec 2003 23:01:56 -0500 [thread overview]
Message-ID: <87fzfyr3uz.fsf@uhoreg.ca> (raw)
In-Reply-To: 3FD13313.9010506@ninja.dynup.net
>>>>> "David" == David Masover <jedi@ninja.dynup.net> writes:
[...]
>> There's more to security and good administration than just disk
>> quotas. You can have different partitions mounted read-only.[1] You
>> have
>>
David> And how is that different than chmod -x? Root can remount a
David> partition writable just as easily as chmod'ing a file, unless the
David> partition is something like iso9660.
Yes. Mounting a partition read-only mainly protects against
accidentally doing something stupid. (e.g. "rm -rf /")
(What does "chmod -x" have to do with mounting read-only? Or did you
mean "chmod -r"?)
>> different mount attributes such as nodev, nosuid, noexec. You may
>> even want to take advantage of the fact that you can't hardlink
>> across partitions (you don't want users to be able to hardlink
>> programs from /usr/bin). Separate partitions also allows you to
>> easily reinstall by
>>
David> Why not? (Naive question -- I can't see any problem here.)
There was a recent thread on Bugtraq about: if a user can hardlink from
/usr/bin, then they could link an suid program. If a vulnerability is
discovered later, and the admin (or packaging program) just rm's the
file, the user still has access to it through his hard link. (The
solution is to truncate the file to 0, drop the suid bits, and then rm,
but you might forget.)
>> blowing away your root partition (after copying your /etc), e.g. if
>> your system gets compromised. And so forth.
>>
David> There are many ways of doing this, including: copy to a network
David> server, make a temporary partition (after resizing the main one),
David> burning a CD, etc.
Yes, but being able to just blow away your root partition to reinstall
is a whole lot easier.
--
Hubert Chan <hubert@uhoreg.ca> - http://www.uhoreg.ca/
PGP/GnuPG key: 1024D/124B61FA
Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA
Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.
next prev parent reply other threads:[~2003-12-06 4:01 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-10-04 5:58 Carrying Attributes too Far lrc1
2003-10-04 18:17 ` Alexander G. M. Smith
2003-10-04 20:10 ` Hubert Chan
2003-12-03 19:18 ` Hans Reiser
2003-12-05 0:30 ` lrc1
2003-12-05 3:58 ` A bold idea (Re: Carrying Attributes too Far) David Masover
2003-12-05 9:44 ` Heinz-Josef Claes
2003-12-05 14:00 ` David Masover
2003-12-05 16:37 ` Hubert Chan
2003-12-06 1:38 ` David Masover
2003-12-06 4:01 ` Hubert Chan [this message]
2003-12-06 17:40 ` David Masover
2003-12-06 22:41 ` lrc1
2003-12-07 1:18 ` carrying links too far? (was Re: A bold idea (Re: Carrying Attributes too Far)) David Masover
2003-12-07 2:26 ` Hubert Chan
2003-12-07 9:08 ` The danger of bad external links lrc1
2003-12-07 18:15 ` Hubert Chan
2003-12-07 13:18 ` carrying links too far? (was Re: A bold idea (Re: Carrying Attributes too Far)) lrc1
2003-12-07 16:17 ` David Masover
2003-12-07 18:25 ` Hubert Chan
2003-12-07 2:11 ` A bold idea (Re: Carrying Attributes too Far) Hubert Chan
2003-12-08 20:54 ` Boyd Waters
2003-12-09 8:03 ` Heinz-Josef Claes
2003-12-10 2:12 ` more about links (was Re: A bold idea (Re: Carrying Attributes too Far)) David Masover
2003-12-11 11:35 ` Heinz-Josef Claes
2003-12-05 13:16 ` More on Hard Links (was " Alexander G. M. Smith
2003-12-05 14:07 ` David Masover
2003-12-05 14:17 ` Nikita Danilov
2003-12-05 15:58 ` Hans Reiser
2003-12-05 16:18 ` Nikita Danilov
2003-12-06 1:50 ` Garbage collection for files (was Re: More on Hard Links (was A bold idea (Re: Carrying Attributes too Far))) David Masover
2003-12-07 3:27 ` Hans Reiser
2003-12-06 10:06 ` More on Hard Links (was A bold idea (Re: Carrying Attributes too Far)) Stewart Smith
2003-12-05 22:38 ` Alexander G. M. Smith
2003-12-06 1:54 ` David Masover
2003-12-06 15:31 ` Alexander G. M. Smith
2003-12-07 1:08 ` David Masover
2003-12-07 2:42 ` Alexander G. M. Smith
2003-12-09 5:21 ` More on Hard Links Narcoleptic Electron
2003-12-09 18:48 ` Hubert Chan
2003-12-09 19:52 ` Narcoleptic Electron
2003-12-09 21:31 ` Hubert Chan
2003-12-09 23:47 ` Narcoleptic Electron
2003-12-10 0:13 ` Narcoleptic Electron
2003-12-10 3:05 ` Hubert Chan
2004-01-22 21:15 ` Narcoleptic Electron
2003-12-10 2:53 ` Hubert Chan
2003-12-10 3:22 ` Religion and Hard Links (was Re: More on Hard Links) David Masover
2003-12-10 20:49 ` More on Hard Links Matt Stegman
2003-12-16 1:27 ` Hubert Chan
2003-12-10 2:44 ` David Masover
2003-12-05 5:27 ` Carrying Attributes too Far Hubert Chan
2003-12-05 12:38 ` Hans Reiser
2003-12-06 23:33 ` lrc1
2003-12-07 2:48 ` Hubert Chan
2003-12-07 17:08 ` Hans Reiser
[not found] ` <3FD0023D.5030500@ninja.dynup.net>
2003-12-07 6:37 ` Saved Re: A bold idea (Re: Carrying Attributes too Far) lrc1
2003-12-07 6:39 ` lrc1
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87fzfyr3uz.fsf@uhoreg.ca \
--to=hubert@uhoreg.ca \
--cc=reiserfs-list@namesys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.