Re: Problem with ownership of agent persistent stores in v5.2.2

Tue, 06 Dec 2005 10:47:26 -0800 

>>>>> On Tue, 6 Dec 2005 13:38:26 -0500, Robert Story <[EMAIL PROTECTED]> said:

Robert> On Tue, 06 Dec 2005 09:32:15 -0800 Wes wrote:
WH> 1) I don't think we should switch back to root to write files

Robert> Ok, but I figured we'd need this up/down-grade capability in
Robert> general to allow an agent to run as non-root most of the time,
Robert> even on platforms that require root access for access to some
Robert> kernel data.

Well the instant you start doing that you minimize the point in the
first place.

WH> 3) I think the correct fix is actually to define which tokens are
WH> allowed to exist in the persistent storage file.

Robert> I had this thought too. This works ok as long as you trust all
Robert> your mib modules.

if you don't trust them, shove them into a sub-agent.  When would you
not trust one rolled into the core?  If you don't trust it you
shouldn't have compiled it in or else a system("own_you") is just too
easy to put in somewhere.

WH> Something like
WH> netsnmp_app_register_persistent_token("foo") which would specify
WH> that token was legal to load from a persistent storage file.

Robert> I'd also like to see a hard-coded list of tokens where were
Robert> excluded (eg pass).

Security works much better when you define inclusion lists rather than
exclusion.

Robert> We should probably apply this logic to *any* config file which
Robert> is writable by anyone other than root.

actually, that's roughly what my logic did...  I didn't state that
very clearly, but the point would be to check all files against that
logic not just persistence.  I designed it so that it should do the
right thing no matter what the file was used for.

-- 
Wes Hardaker
Sparta, Inc.


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Net-snmp-coders mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders

Reply via email to