Re: Remove inetutils from LFS [was Re: GCC-4.0.1]
On Mon, Aug 22, 2005 at 12:03:49PM -0400, Jason Gurtz wrote: On 8/21/2005 10:54, Matthew Burgess wrote: ping.c:63 - This program has to run SUID to ROOT to access the ICMP socket. That's crazy. Normal pings shouldn't require root. IIRC, the standard kernel socket interface simply has no way to send any kind of ICMP packet (echo-request included). Therefore, you need to open a raw socket, and write the headers yourself. To create a socket using PF_PACKET and SOCKTYPE_RAW (which I believe is the only way to send ICMP), you must be root. The socket() call will fail if you aren't root, and you pass those flags. It may be possible to use PF_PACKET and SOCKTYPE_DGRAM, but I don't know for sure. (That may require the caller to be root also). This isn't a requirement of the ping program. It's a requirement of the kernel. pgpYCoofaR5bz.pgp Description: PGP signature -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
Re: Remove inetutils from LFS [was Re: GCC-4.0.1]
On 8/22/2005 12:39, Bryan Kadzban wrote: On Mon, Aug 22, 2005 at 12:03:49PM -0400, Jason Gurtz wrote: That's crazy. Normal pings shouldn't require root. IIRC, the standard kernel socket interface simply has no way to send any kind of ICMP packet (echo-request included). Therefore, you need to open a raw socket, and write the headers yourself. Hmm, still think it's crazy. Maybe that's a missing feature in the kernel? Somehow I think that'll never see the light of day. I looked and my ping is setuid. -rwsr-xr-x1 root root15876 Sep 4 2001 /bin/ping* ~Jason -- -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
RE: Remove inetutils from LFS [was Re: GCC-4.0.1]
Hmm, still think it's crazy. Maybe that's a missing feature in the kernel? Somehow I think that'll never see the light of day. I looked and my ping is setuid. -rwsr-xr-x1 root root15876 Sep 4 2001 /bin/ping* Yep, it may be crazy, but that's how it is... Stops people from hacking into a poorly-protected user account and wreaking all kinds of havoc with raw sockets. :D So that's why ping is always setuid to root... So that it will actually WORK. :) Dave -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
Re: Remove inetutils from LFS [was Re: GCC-4.0.1]
Jason Gurtz wrote: On 8/22/2005 12:39, Bryan Kadzban wrote: On Mon, Aug 22, 2005 at 12:03:49PM -0400, Jason Gurtz wrote: That's crazy. Normal pings shouldn't require root. IIRC, the standard kernel socket interface simply has no way to send any kind of ICMP packet (echo-request included). Therefore, you need to open a raw socket, and write the headers yourself. Hmm, still think it's crazy. Maybe that's a missing feature in the kernel? Somehow I think that'll never see the light of day. I looked and my ping is setuid. -rwsr-xr-x1 root root15876 Sep 4 2001 /bin/ping* I think it would be a much greater security problem if sending icmp or opening raw sockets by non-root users was allowed. Controlling access through a well audited executable with suid privs is a much more secure alternative. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
Re: Remove inetutils from LFS [was Re: GCC-4.0.1]
On 8/22/2005 13:25, Matthew Burgess wrote: Unless of course it happens to be inetutils-ping (http://lists.gnu.org/archive/html/bug-inetutils/2005-07/msg00030.html) :-) Ouch! ~Jason -- -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
GNOME-2.12/GTK+-2.8/Cairo/libpixman
Hi all, With the GNOME-2.12 release due to be ready in a couple of weeks, I'd like to propose a couple of new packages that need to be added to the BLFS book. It is my understanding that GNOME-2.12 will require the 2.8 branch of GTK+. This is a brand-new release and now requires the Cairo graphics library. Though there is not a *stable* release of Cairo as of yet (there is a snapshot tarball, cairo-0.9.2.tar.gz), I'm certain there will be one soon. You can check out Cairo at http://cairographics.org/introduction Cairo at this point requires the libpixman library, so this package should probably be added to BLFS as well. I will get the new pages ready, and add them to BLFS after some discussion of this proposal. -- Randy rmlscsi: [GNU ld version 2.15.94.0.2 20041220] [gcc (GCC) 3.4.3] [GNU C Library stable release version 2.3.4] [Linux 2.6.10 i686] 13:30:00 up 142 days, 13:03, 3 users, load average: 0.28, 0.23, 0.41 -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: Remove inetutils from LFS [was Re: GCC-4.0.1]
On Aug 22, 2005, at 12:33 PM, Jason Gurtz wrote: Certainly raw sockets would be a huge risk, but I don't see how echo_reply at a 1 per second rate or something is a problem. Except you'd have to add a kernel interface just to send ICMP echo requests, along with whatever options you want to allow non-root users to specify. IMHO that is at least as crazy as a setuid program with the same purpose. Even a general interface to send ICMP packets is much too dangerous -- send out a few HOST UNREACHABLEs with the local router's address and you'll knock the whole subnet offline. That's one of the reasons there's not an interface to create ICMP packets in the first place, for root or anyone else. Zach smime.p7s Description: S/MIME cryptographic signature -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
Re: Shared library permissions
On Mon, 22 Aug 2005, Matthew Burgess wrote: Hi folks. Does anyone know why shared libraries need the execute bit set on them? My most recent build (gcc4-based) has most[1] *.so files installed with 755 permissions. As it's so consistent, I'm assuming there is a reason for them to be executable. Thanks to Tarek Ghaleb and Andrew Benton for highlighting the issue [2]. [1] Exceptions being: /lib/libproc-3.2.5.so (555), /usr/lib/libc.so (644), /usr/lib/libpthread.so (644), /usr/lib/preloadable_libintl.so (644), and Perl's modules (555) /usr/lib/lib{c,pthread}.so aren't libraries, they are ld scripts. Ken -- das eine Mal als Trag?die, das andere Mal als Farce-- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
Re: Remove inetutils from LFS [was Re: GCC-4.0.1]
On Mon, Aug 22, 2005 at 01:33:37PM -0400, Jason Gurtz wrote: Certainly raw sockets would be a huge risk, but I don't see how echo_reply at a 1 per second rate or something is a problem. I guess a non-root user could flood a host just as easily with some standard TCP packet--HTTP GET for example by forking wget? Seems like it would be a better idea to just (uh oh, there's that word just ;) have a limited per user heap of available network connections. Hey, wouldn't it be cool if root could arbitrate how many of each type (TCP, UDP, ICMP) of connection each user/group had in each of its instance's heap. There is. It's called iptables. -- Archaic Want control, education, and security from your operating system? Hardened Linux From Scratch http://www.linuxfromscratch.org/hlfs -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page