John Kasunich wrote:
> This part raises a red flag for me, as I mentioned on IRC last night.
>
> If you set this passwordless sudo, then it is theoretically possible for
> somebody to check a trojan makefile into our CVS, and a few minutes
> later it would run on your box as root. If your buildbot system is a
> dedicated virtual machine used for nothing else, the risk is probably
> tolerable. I would NOT make this change to /etc/sudoers if "farmer" is
> a user on a non-virtual machine that you use for other things.
>

Let me tell you, from PERSONAL experience, that there are professional bank criminals that are searching the net continuously for systems with weaknesses they can exploit. I put in denyhosts, and thought that cutting off all access to a particular IP address after 5 failed logins was sufficient to protect me. Well, if a pro has several hundred compromised machines available, and the dedication to use them, that is not good enough. They figure out how many login failures it takes to get bumped, and what the time is to reset those IPs to OK. Then, they make a rolling attack, using N-1 attempts per IP per reset period. I was oblivious as they were making several hundred attempts a day over 2 months before they finally got lucky and guessed my password. Now, it takes only 3 login failures over 90 days to put you on the hosts.deny list. I even get myself locked out every once in a while, and have to reset the counters.

> The odds of such a thing happening are slim - Joe Hacker can't commit a
> trojan, only someone with commit access to the server could do it. And,
> the CVS logs would tell us exactly who it was, so we could give them the
> beating they so richly deserve. But the risk needs to be acknowledged.
>

Yeah, it wouldn't be a real user, just somebody who broke a password. If they can get several hundred tries a day for months, they WILL get in, unless you have some really tough passwords.
I'm still looking for an even more robust scheme, some kind of challenge/response that doesn't require a computer to formulate the response.
Jon

_______________________________________________
Emc-developers mailing list
Emc-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/emc-developers
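The threshold arithmetic Jon describes above, replayed in code: a per-IP lockout with a short reset period lets a source that stays one attempt below the limit run indefinitely, a 3-failures-in-90-days rule catches every such source on its first day, and a site-wide failures-per-day count exposes the distributed pattern even when no single address trips a per-host counter. This is an added Python example, not part of the thread and not denyhosts' own code. The sshd log lines, the host name "build", the TEST-NET addresses, the year and the thresholds are all constructed for illustration.

```python
"""Replay sshd failure events against per-host lockout policies (constructed example)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Timestamp and source address of an sshd "Failed password" syslog line.
FAILURE_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\d+(?:\.\d+){3}) port \d+"
)


def parse_failures(lines, year):
    """Return a time-ordered list of (timestamp, ip) for every failed login.
    Syslog timestamps carry no year, so the caller supplies it."""
    events = []
    for line in lines:
        m = FAILURE_RE.match(line)
        if not m:
            continue  # accepted logins and unrelated lines are ignored
        ts = datetime.strptime(f"{year} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["ip"]))
    return sorted(events)


class LockoutPolicy:
    """Block a host once it has `max_failures` failures inside a rolling `window`."""

    def __init__(self, max_failures, window):
        self.max_failures = max_failures
        self.window = window

    def blocked_hosts(self, events):
        """Replay events in order; return {ip: time the block was applied}."""
        recent = defaultdict(list)
        blocked = {}
        for ts, ip in events:
            if ip in blocked:
                continue
            # Keep only failures younger than the window; one exactly `window` old has expired.
            recent[ip] = [t for t in recent[ip] if ts - t < self.window] + [ts]
            if len(recent[ip]) >= self.max_failures:
                blocked[ip] = ts
        return blocked


def daily_totals(events):
    """Failures per calendar day across all sources: the site-wide view."""
    totals = defaultdict(int)
    for ts, _ in events:
        totals[ts.date()] += 1
    return dict(totals)


def distributed_attack_days(events, per_day_limit):
    """Days whose site-wide failure count exceeds the limit, whether or not
    any single source tripped the per-host rule."""
    return sorted(day for day, n in daily_totals(events).items() if n > per_day_limit)


def make_sample_log():
    """Constructed sample: three sources each making four failures a day
    (one below the short policy's limit of five) for three days, plus one
    genuine typo from a legitimate user followed by a successful login."""
    lines = []
    for day in (1, 2, 3):
        for i, ip in enumerate(("203.0.113.10", "203.0.113.11", "203.0.113.12")):
            for hour in (2, 3, 4, 5):
                ts = datetime(2008, 6, day, hour, 0, 0)
                lines.append(f"{ts:%b} {ts.day:2d} {ts:%H:%M:%S} build sshd[{1000 + 10 * day + i}]: "
                             f"Failed password for invalid user admin from {ip} port {40000 + hour} ssh2")
    lines.append("Jun  2 09:15:31 build sshd[1310]: Failed password for jon from 198.51.100.7 port 51122 ssh2")
    lines.append("Jun  2 09:15:40 build sshd[1310]: Accepted password for jon from 198.51.100.7 port 51122 ssh2")
    return lines


# Constructed thresholds: the original "5 failures, reset daily" setup versus "3 in 90 days".
SHORT_WINDOW = LockoutPolicy(max_failures=5, window=timedelta(days=1))
LONG_WINDOW = LockoutPolicy(max_failures=3, window=timedelta(days=90))

if __name__ == "__main__":
    events = parse_failures(make_sample_log(), year=2008)
    print("short-window blocks:", SHORT_WINDOW.blocked_hosts(events))
    print("long-window blocks:", LONG_WINDOW.blocked_hosts(events))
    print("site-wide failures per day:", daily_totals(events))
    print("days over site-wide limit:", distributed_attack_days(events, per_day_limit=10))
```

Running it shows the short-window policy blocking nothing while the long-window policy blocks all three sources at their third failure on the first day; the legitimate user's single typo never reaches either threshold. The site-wide count is the cheaper signal for the rolling pattern: twelve or thirteen failures a day from a small build box is worth an alert on its own, independent of any per-host rule.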