On 12/02/15 12:13, René J.V. Bertin wrote:
On Thursday February 12 2015 12:33:53 Clemens Lang wrote:
You should be aware of the security implications of this change. For example,
sudo port edit vim gets you arbitrary code execution and arbitrary file access
as
root.
Exactly one of the reasons I don't like rendering sudo implicit, and even less
strip it of its pw protection.
I really prefer to take my chances making select parts of the FS writable to
the admin group, and allow non-privileged port to write to my home directory.
There's nothing in there that I cannot restore from backup. The same applies
for the rest of the system, but recuperating from a borked OS or from a borked
$HOME are not exactly comparable in terms of effort.
I would actually argue allowing port to run via sudo without requiring a
password could be viewed as improving security. By allowing 'sudo port'
to run without a password, you never have to authenticate, which means
sudo never enters into its state where it can run *any* command without
a password. This means running
> sudo port XYZ
> sudo <something bad>
will prompt you for a password on that second command, because the first
does not require one. If you had to enter a password for the first
command, then the second would just run...
Of course, if port itself is viewed as a security risk that is a
different issue. However I would argue that given that for most users
running 'sudo port XYZ' is a very common activity, they are quite likely
to just enter their password without thinking much, so whether or not it
is required is really a moot point...
So yeah, personally I consider allowing port to run through sudo without
a password improves my security against me doing something bad with sudo
later on, not degrades it.
Chris
R.
_______________________________________________
macports-dev mailing list
[email protected]
https://lists.macosforge.org/mailman/listinfo/macports-dev
_______________________________________________
macports-dev mailing list
[email protected]
https://lists.macosforge.org/mailman/listinfo/macports-dev
