Re: Design principles and ethics
From: Tom Bachmann
Subject: Re: Design principles and ethics
Date: Sun, 30 Apr 2006 16:34:29 +0200
User-agent: Mail/News 1.5 (X11/20060403)
Jonathan S. Shapiro wrote:
> Your user shell is the parent of /sbin/passwd when you
> execute /sbin/passwd. It is entirely proper that /sbin/passwd should not
> trust its parent.
>
Interesting, this opens (for me) a completely new view to confinement:
it is needed to run programs more privileged than the user. This should
simplify the task of finding an example where your kind of confinement
is needed.
Still, the passwd example is broken: it only does not work because the
file contains entries of other users, too. I would make the file local
to each shell. So in fact, it could just contain a plaintext password
the user can change with an ordinary editor.
--
-ness-