To steer the conversation in a different direction. Perhaps there is a need to have a second umad device file which allows only for "Get" operations? I know this could be some work and I don't know if it could be completely done (I have not thought through all the details). [*]

I know there is some discussion on the interface for userspace apps and MAD's on the developers mailing list. Is this a requirement we should look into more? I know we have some need for this and now Woody has this need as well.

Thoughts?

Ira

[*] NOTE: I am not directly volunteering to do this work ;-) But I have been interested in changing the user level MAD libraries in the past so I think I could help.

On Wed, 26 May 2010 09:51:53 -0700
Justin Clift <[email protected]> wrote:

> On 05/27/2010 02:19 AM, Woodruff, Robert J wrote:
> > Hal wrote,
> >
> >> sudo can be configured for specific commands to be allowed to specific
> >> users.
> >
> > Then perhaps that is a safer way to do it, but it would put more work
> > on the system admin to set it up for people, but if setting the permissions
> > of the commands to setuid root opens up a security hole, we would not want
> > that.
>
> From an experienced SysAdmin perspective, the less setuid/setgid
> programs there are on a system the better. If a system could have them
> *all* removed, that would be great. :)
>
> Security types generally don't like them either, regarding them as a
> point of weakness due to circumventing finer grained access controls
> (sudo, ACLs, RBAC, etc). setuid/setgid binaries are also included (and
> queried) in *every* system audit.
>
> Good security practise will generally change the binaries back to being
> non-setuid/non-setgid (ie "normal" perms) unless there's a Very Good
> Reason for them to be otherwise.
>
> I have personally had to secure/harden many *nix systems over the years,
> plus write detailed technical best practice guides for multi-national
> corporates on how to do it on more than one occasion. Last time was in
> roughly 2006, and setuid/setgid stuff was regarded as bad old practise
> at that time. I'd expect it would be even less favoured now.
>
>
> > Does anyone know if setting the permissions to setuid root does actually
> > open up a security hole ?
>
> Not directly. It just creates lots of secondary hassles for SysAdmins,
> Security Admins, policy enforcement software, and monitoring software
> because it introduces another vector for attack.
>
> People having a need for setuid or setgid root for these binaries can
> most definitely do it themselves as part of their roll out.
>
> Not sure if that perspective helps, but you do seem to be asking. :)
>
> Regards and best wishes,
>
> Justin Clift
>
>
> > woody
>
>
> --
> Salasaga - Open Source eLearning IDE
> http://www.salasaga.org
> _______________________________________________
> ewg mailing list
> [email protected]
> http://lists.openfabrics.org/cgi-bin/mailman/listinfo/ewg
