From: Willy Tarreau <willy@w.ods.org>
To: Andreas Hartmann <andihartmann@01019freenet.de>
Cc: linux-kernel@vger.kernel.org
Subject: Re: forbid to strace a program
Date: Sun, 4 Sep 2005 10:45:59 +0200
Message-ID: <20050904084559.GC30279@alpha.home.local>
In-Reply-To: <dfe7ui$14q$1@pD9F874C0.dip0.t-ipconnect.de>
Hi Andreas,
On Sun, Sep 04, 2005 at 09:32:34AM +0200, Andreas Hartmann wrote:
> > Can I ask why you want to hide the database password from root?
>
> It's easy: for security reasons. There could always be some bugs in some
> software which make it possible for some other user to gain root
> privileges. Now they could easily strace for information, which they
> shouldn't be able to do.
Then you're wasting your time. If the user gains root privileges, then he
can do what he wants to get the password, including loading modules or
scanning the memory. For instance, it happened to me several times that
my browser crashed during a post with a very long message. Not funny at
all. Then, as root, I started my hex editor and scanned all memory for
words I was sure I wouldn't find anywhere else, and then I could restore
my data by hand. Doing so to find a password is pretty easy too. And don't
tell me that it's deleted very soon, because it's also possible to send
lots of SIGSTOP/scan/SIGCONT very fast to try to catch the clear password.
> The password they could see, isn't just used for the DB, but
> for some other applications, too. That's the disadvantage of general
> (single sign on) passwords.
Can't you use a specific password just for this app? Or use another server
on which no user has access to relay your connections and insert the right
password itself?
Regards,
Willy
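The stop/scan/continue approach Willy describes, written out as an added example. This is not code from the thread or from any project it mentions; it is a small scanner that walks /proc/PID/maps, reads each readable mapping through /proc/PID/mem, and optionally holds the target in SIGSTOP while it reads so a secret the program wipes quickly cannot vanish mid-scan. It assumes Linux and ptrace access to the target (root, or an unprivileged parent scanning its own child, which Yama's default ptrace_scope=1 permits). The names scan_process_memory, demo_scan_child and xor_mask, the 1 MiB chunk size, the 0x5A mask and the sample "db_password=..." string are the example's own assumptions.

```c
/* Added example: find a byte pattern in another process's memory through
 * /proc/PID/maps and /proc/PID/mem, freezing the target with SIGSTOP for the
 * scan and resuming it with SIGCONT.  Linux only.  Needs ptrace access to the
 * target: root, or (under Yama ptrace_scope=1) a parent scanning its own child. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define CHUNK (1u << 20)            /* read each mapping 1 MiB at a time (assumption) */

/* Naive byte search; returns the offset of the first match or -1. */
static long find_bytes(const unsigned char *hay, size_t hlen,
                       const unsigned char *needle, size_t nlen)
{
    if (nlen == 0 || hlen < nlen) return -1;
    for (size_t i = 0; i + nlen <= hlen; i++)
        if (hay[i] == needle[0] && memcmp(hay + i, needle, nlen) == 0)
            return (long)i;
    return -1;
}

/* Scan every readable mapping of pid for needle.  Returns the virtual address of
 * the first hit, or 0 if nothing was found or the target is inaccessible.  With
 * stop != 0 the target is held in SIGSTOP while we read (SIGSTOP/scan/SIGCONT). */
unsigned long scan_process_memory(pid_t pid, const unsigned char *needle,
                                  size_t nlen, int stop)
{
    char path[64], line[512];
    unsigned long hit = 0;
    if (nlen == 0 || nlen > CHUNK / 2) return 0;
    snprintf(path, sizeof path, "/proc/%d/maps", (int)pid);
    FILE *maps = fopen(path, "r");
    if (!maps) return 0;
    snprintf(path, sizeof path, "/proc/%d/mem", (int)pid);
    int mem = open(path, O_RDONLY);
    unsigned char *buf = malloc(CHUNK);
    if (mem < 0 || !buf) { fclose(maps); if (mem >= 0) close(mem); free(buf); return 0; }
    if (stop) { kill(pid, SIGSTOP); waitpid(pid, NULL, WUNTRACED); } /* waitpid: own children only */
    while (!hit && fgets(line, sizeof line, maps)) {
        unsigned long start, end;
        char perms[8];
        if (sscanf(line, "%lx-%lx %7s", &start, &end, perms) != 3 || perms[0] != 'r')
            continue;                   /* skip mappings without read permission */
        for (unsigned long off = start; off < end; ) {
            size_t want = end - off < CHUNK ? (size_t)(end - off) : CHUNK;
            ssize_t n = pread(mem, buf, want, (off_t)off);
            if (n <= 0) break;          /* [vvar], [vsyscall] etc. are unreadable: skip */
            long idx = find_bytes(buf, (size_t)n, needle, nlen);
            if (idx >= 0) { hit = off + (unsigned long)idx; break; }
            if ((size_t)n < want || off + (unsigned long)n >= end) break;
            off += (unsigned long)n - (nlen - 1);   /* overlap so a match across chunks is seen */
        }
    }
    if (stop) kill(pid, SIGCONT);
    free(buf); close(mem); fclose(maps);
    return hit;
}

/* XOR-mask n bytes (symmetric).  The source is read through a volatile pointer so
 * the compiler cannot precompute the unmasked pattern into the binary's rodata. */
void xor_mask(unsigned char *dst, const void *src, size_t n)
{
    const volatile unsigned char *s = src;
    for (size_t i = 0; i < n; i++) dst[i] = s[i] ^ 0x5A;
}

/* Self-contained demo: fork a child that keeps `secret` on its heap and idles, then
 * scan it for the unmasked form of `masked`.  The pattern travels masked and is
 * unmasked only in the parent after fork(), because a forked child inherits every
 * byte of the parent (string literals included).  Returns 1 found, 0 not, -1 error. */
int demo_scan_child(const char *secret, const unsigned char *masked, size_t nlen)
{
    unsigned char plain[64];
    int fds[2], rc = -1;
    if (nlen > sizeof plain || pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                                   /* child */
        size_t n = strlen(secret) + 1;
        char *copy = malloc(n);
        close(fds[0]);
        if (!copy) _exit(1);
        memcpy(copy, secret, n);
        if (write(fds[1], copy, 1) != 1) _exit(1);    /* "ready": first byte of the secret */
        close(fds[1]);
        for (;;) pause();
    }
    close(fds[1]);
    char ready;
    if (read(fds[0], &ready, 1) == 1) {
        xor_mask(plain, masked, nlen);                /* the real pattern now exists only here */
        rc = scan_process_memory(pid, plain, nlen, 1) ? 1 : 0;
        for (volatile unsigned char *p = plain; p < plain + sizeof plain; p++) *p = 0;
    }
    close(fds[0]);
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    return rc;
}
```

Against a foreign process you would run scan_process_memory(pid, pattern, len, 1) as root; the child-based demo_scan_child exists only so the example runs without privileges. The XOR masking is not part of the technique, it is there because fork() gives the child a copy of the parent's address space, so a plain string literal used as the search pattern would be "found" in the child for the wrong reason. Note what this shows about the original question: none of this needs strace or ptrace(2) at all, only read access to /proc/PID/mem, which root has regardless of any per-process anti-tracing setting.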
Thread overview:
  2005-09-04  7:32 ` forbid to strace a program  Andreas Hartmann
  2005-09-04  8:45   ` Willy Tarreau [this message]
  2005-09-04  8:47   ` Tejun Heo
  2005-09-05  9:36   ` Bernd Petrovitsch
  2005-09-03 22:23 ` Andreas Hartmann
  2005-09-03 22:34   ` Chase Venters
  2005-09-04 21:47   ` Horst von Brand
  2005-09-03 11:28 Andreas Hartmann
  2005-09-03 20:29 ` Alex Riesen