
Re: [Ltib] Using LTIB without root privileges


From: Stuart Hughes
Subject: Re: [Ltib] Using LTIB without root privileges
Date: Thu, 05 Jul 2012 08:52:26 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.28) Gecko/20120313 Lightning/1.0b2 Thunderbird/3.1.20

On 05/07/12 08:31, Christoph Baumann wrote:
> Hi Stuart,
>
> ----- Original Message -----
> > From: "Stuart Hughes"<address@hidden>
> > To: "Christoph Baumann"<address@hidden>
> > CC: address@hidden
> > Sent: Wednesday, 4 July 2012 11:12:34
> > Subject: Re: [Ltib] Using LTIB without root privileges
> [...]
> > I realise that, but I'd suggest that you don't install on any machine
> > that is mission critical or sensitive.
>
> I myself don't fear any intruder. But the security auditing guys see the
> scenario that someone could compromise the development machine to inject
> malicious code into the resulting firmware.
>
> > If you think about it, if your IT policy allows you to run sudo, then
> > what LTIB is doing is fine, all it is doing is removing the need to
> > enter your user password. If your IT policy does not allow you to run
> > sudo (for any command), then you should not be installing LTIB (as it
> > needs sudo for rpm installs). BTW LTIB cannot accidentally install rpms
> > into your system area, that's what the weird %pfx stuff in the .spec
> > files is for.
>
> I hope I can get an exception from that policy. Because I need to develop for
> the Freescale i.MX28 for which Freescale provides a preconfigured LTIB as BSP.
> And I'm not very keen on dissecting this BSP in order to get the MX28
> specialities into some other build tool.
>
> > I've been over this many times with many people. The issue is one of
> > balancing ultimate security vs usability, there is no right or wrong
> > answer. Given that LTIB wants to create an NFS mountable filesystem
> > image, at some point it needs to be root to create the files with the
> > correct user/permissions.
>
> Sorry, didn't want to bother you. I can understand your point. But as mentioned above I
> need good reasons to demand to be able to "sudo".

Hi Christoph,

Do you have sudo on these machines (outside of LTIB)? If not, they're not suitable for installing LTIB. If they do, LTIB presents no more risk than the users allowed to run sudo.

If they want a reason, the simple one is that an NFS root area cannot be correctly populated without sudo permissions (for rpm install). If they don't like that, their options are:

* Deny your request and offer a non-IT PC where you can do LTIB: the cost is a few hundred dollars

* Deny your request and have you spend many hours (thousands of dollars) trying to work round this. You will ultimately fail as you'll need to be root at some point if you're doing this kind of development.

* Allow your request and let common sense prevail. If they have concerns they should be based on something objective - a real security concern. Ask them what they think could happen?

Regards, Stuart



