[rescue] SGI fw_sshd and security
pat at computer-refuge.org
Sun Mar 7 09:42:22 CST 2004
On Sunday 07 March 2004 04:20, Jonathan C. Patschke wrote:
> On Sat, 6 Mar 2004, Meelis Roos wrote:
> > We had a discussion at $WORK some days ago about whether to link
> > zlib dynamically or statically. We decided to load it dynamically
> > because of _security reasons_ - when a security bug was found in
> > zlib, it was a pain in the ass to recompile every binary that
> > linked zlib statically and on some machines some binaries were
> > probably still left vulnerable.
> Look at it from the other way. What if someone finds a way to
> overwrite libwrap.so with a trojaned one by use of a local exploit?
> Keep in mind that most code that uses libwrap.so tends to also have
> root privileges and be associated with a network connection.
> Security-conscious code like that should be statically-linked.
> Period. Updating software is a PITA, sure, but a list of everything
> that uses libwrap.a is pretty easy to maintain.
Well, libwrap.(so|a) probably shouldn't be writable, except for by root.
So if you're overwriting it, you've already got some sort of root on
the box; game over. Now, if it's chmod'd 777 or something, then the
people that set its mode are retarded, and should be shot. : )
I tend to agree more with Meelis here. I'd have an easily maintainable
system where I can fix a bug (especially security related) by replacing
one library rather than recompiling everything that uses it.
Purdue University ITAP/RCS --- http://www.itap.purdue.edu/rcs/
The Computer Refuge --- http://computer-refuge.org
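
The reply's point that libwrap.(so|a) should be writable only by root can be checked mechanically. The following is an added example, not part of the original post: it audits a library file and every directory above it for untrusted owners or group/other write bits. The function name `audit_library` and its parameters are hypothetical.

```python
import os
import stat
import sys


def audit_library(path, trusted_uids=(0,), stop_at="/"):
    """Return (path, problem) findings for a library and its parent directories.

    A file can be replaced by anyone who can write to it or to any directory
    on the way to it, so the whole chain up to stop_at is checked.
    Symlinks are resolved first, so the file actually loaded is audited.
    """
    findings = []
    current = os.path.realpath(path)
    stop_at = os.path.realpath(stop_at)
    while True:
        st = os.stat(current)
        is_dir = stat.S_ISDIR(st.st_mode)
        if st.st_uid not in trusted_uids:
            findings.append((current, "owned by untrusted uid %d" % st.st_uid))
        loose = st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)
        # A sticky directory (like /tmp) lets others create entries but not
        # rename or delete entries they do not own, so it is not flagged.
        sticky_dir = is_dir and bool(st.st_mode & stat.S_ISVTX)
        if loose and not sticky_dir:
            findings.append(
                (current, "writable by group/other (mode %04o)"
                 % stat.S_IMODE(st.st_mode)))
        parent = os.path.dirname(current)
        if current == stop_at or parent == current:
            break
        current = parent
    return findings


if __name__ == "__main__":
    # Usage: python audit.py /usr/lib/libwrap.so [more libraries...]
    status = 0
    for lib in sys.argv[1:]:
        for where, problem in audit_library(lib):
            print("%s: %s" % (where, problem))
            status = 1
    sys.exit(status)
```
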