Re: Next privilege escalation policy draft

On Thu, 2010-02-04 at 15:14 -0500, Adam Jackson wrote:

> Some nitpicking:
> 
> - "Read or write directly to or from system memory" is, technically,
> something every process does.  "Device or kernel memory" might be closer
> to the spirit of the law?

Yeah, that's one people have said is somewhat amorphous. It's important
to note that I'm using the word 'directly' in the policy to mean 'allow
the user to specifically control the process' - i.e. it's not just about
an application the user is using reading memory, it's more about
(apologies for my 1980s terminology :>) not letting the user PEEK and
POKE.

> - Declaring "Read from system logs containing any information about user
> activities" to be a privileged action, means that who(1) and last(1)
> break, since utmp and wtmp are typically - intentionally - world
> readable.  /var/log/ConsoleKit/history similarly.  I think this entire
> rule is mostly subsumed under the "directly access or modify a file they
> would usually be denied rights to" clause, though we'd probably also
> want to define what kinds of log information are sensitive and what
> aren't in that case, and enforce world-readability to match.

I don't understand much about utmp and wtmp, but if appropriate they
could be specifically excepted from the policy. Ditto the ConsoleKit
history. What's the rationale for these being world-readable?
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
