Re: Prioritizing ~/.local/bin over /usr/bin on the PATH

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jun 13, 2018 at 06:28:47PM +0200, Alois Mahdal wrote:
> Hi,
> 
> I'm no infosec expert, but...
> 
> On 06/12/2018 07:31 PM, Miro Hrončok wrote:
> > 
> > On 12.6.2018 19:20, Howard Howell wrote:
> >> I haven't followed all of this thread, too self busy.  However there is
> >> a security argument.  If you have a local executable directory, then
> >> the capability for malicious software to attach is wide open for that
> >> user, whatever their privelege level might be.
> > 
> > Executable directory? If you have power over user $HOME, you can change
> > user's $PATH.
> 
> Is it so easy, though?
> 
> I've seen many examples with .bashrc, but .bashrc only does it for bash
> (and only in interactive mode, IIRC).  One has to do it for something
> like .xsessionrc -- frankly I'm not sure if there is such file that applies.
> 
> OTOH, by adding .local/bin, the attacker does not have to care where (or
> how) to set the path, they really only need to drop new file.
> 
> I guess my point is that it won't make attacks possible (they already
> are), but it might be making them easier.

That's a very correct observation. In fact, this is the whole purpose of
this change: to make installing arbitrary scripts to be executed by the
user _easy_! So anyone who is arguing that this makes it so much easier
for the attacker, are also arguing that this makes it so much easier for
the user.

We put the bar for _security_ measures much higher then mere inconvenience.
In fact we know that users have been installing software in ~/
successfully before this change, and it doesn't allow them to do
anything they couldn't do before. Likewise, it doesn't allow attackers
to do anything new. So people who consider this irrelevant for security
assume that mere inconvenience _is not_ a hurdle for the attacker.
Nevertheless, mere inconvenience _is_ a problem for many users.

Zbyszek
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/message/MGVABGXS3DT74MELLOR64VXOAVHUQ236/




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux