cross-platform virus
John
dingo at coco2.arach.net.au
Tue Apr 11 01:07:12 BST 2006
Pete Ryland wrote:
> On Mon, Apr 10, 2006 at 08:27:41 +0800, John wrote:
>
>>It would be nice if there were no way for stuff in ~, /tmp and /var/tmp
>>to escalate _by any means_ to root.
>
>
> If the sudoers entry was changed to something like:
>
> Cmnd_Alias ALLPROGRAMS = /bin, /sbin, /usr/bin, /usr/sbin, /usr/local/bin, \
> /usr/local/sbin, /usr/bin/X11, /usr/games
>
> %admin ALL=(ALL) ALLPROGRAMS
>
> then it would alleviate the problem of running code under sudo that could be
> written by a bad non-root process.
>
> Pete
>
I'm not sure that helps a lot...
What I have in mind is a means whereby a program loaded from an untrused
location cannot, by any means, run any program from any location such
that the program has elevated privilege.
EG A program in ~/bin cannot run fdisk with root privileges, with or
without su, sudo or runas.
OS/VS (a family of IBM operating systems) implemented this over 30 years
ago, it's not a new idea.
A process _may_ be privileged only if it and all its parents are loaded
from trusted locations, typically all the standard bin (and lib?)
directories.
More information about the sounder
mailing list