On Fri, Feb 20, 2015 at 07:28:50PM +0000, Peter Robinson wrote:
> On Fri, Feb 20, 2015 at 6:55 PM, Till Maas <opensource@xxxxxxxxx> wrote:
> > On Fri, Feb 20, 2015 at 05:21:59PM +0000, Peter Robinson wrote:
> >> >> I've never argued against the goal that web browser or all network aware
> >> >> services should be PIEs, after all, why would we (Ulrich Drepper and myself)
> >> >> add the PIE support into the toolchain otherwise?
> >> >> I'm just not convinced most of the unprivileged programs should be PIEs.
> >> >
> >> > Thanks to e.g. e-mail, about any program can be made to run untrusted
> >> > data, e.g. PDF readers, office suites, image viewers, if you open an
> >> > attachment of the respective type. Therefore it makes a sane default
> >> > IMHO. It is also something to attract users that care about security
> >> > very much to Fedora.
> >>
> >> So you're saying here that this is miraculously going to stop people
> >> from running random binaries that are being emailed to them? Or is it
> >> just going to stop people from running random non PIC/PIE binaries? I
> >> don't buy that this is a miracle fix to that problem. How then does it
> >> affect other third party binaries not compiled with PIC/PIE that
> >> people might wish to run?
> >
> > No, I am saying I can open PDF documents knowing that I did what I
> > could to be secure when I open it etc. Also I know that if I recommend
> > Fedora to people and give basic guidelines, that they are as well protected
> > as possible.
>
> How is a PDF with a binary payload any different? Sounds like we need
> to be running pdf readers in a selinux container?

Absolutely. All PDF, office, web browsers and similar should be pre-configured to use sandboxing technology. The plain selinux sandbox also needs some work - right now you can even read /etc/passwd* out of normal sandboxes!
https://bugzilla.redhat.com/show_bug.cgi?id=1165424

Richard

---
Name and OpenPGP keys available from pgp key servers