On Fri 2015-02-13 12:28:25 -0500, Kristian Fiskerstrand wrote:
> The startup-scripts provided by whichever sane distribution should fix
> this anyways to be a non-issue. From the Gentoo /etc/init.d/sks-db:
>
> start_pre()
> {
>     checkpath --owner sks:sks --directory \
>         ${SKS_DIR} ${SKS_DIR}/KDB ${SKS_DIR}/PTree
>     checkpath --owner sks:sks --file \
>         ${SKS_DIR}/*.log ${SKS_DIR}/KDB/* ${SKS_DIR}/PTree/*
> }

I don't know what checkpath is, but i assume it's intended to force the
ownership to a given user.

This suggests that (depending on the kernel version and configuration, i
guess) the sks process can actually take control over arbitrary files in
the same filesystem by hardlinking them into those locations.

For example, if someone uses the same filesystem for their entire
machine (a common configuration these days) then someone who has taken
control of an sks instance can do:

 ln /etc/passwd ${SKS_DIR}/passwd.log

then at the next service start, /etc/passwd will be owned as sks:sks.

I don't think that's a great idea.

    --dkg

_______________________________________________
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel
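
One way a start script could set ownership without following extra hard links, as an added example that is not part of the original message or of the Gentoo init script. The function names list_unsafe and fix_owner are hypothetical, and unlike the quoted checkpath calls this version walks the whole directory tree.

```shell
#!/bin/sh
# Added example: ownership fix-up that refuses hard-linked files.
# list_unsafe and fix_owner are hypothetical names, not part of sks or OpenRC.

# Print every entry under $1 that must not be chowned blindly:
#   - regular files with more than one hard link (may be another name for a
#     file outside the tree, e.g. the /etc/passwd link from the message)
#   - anything that is neither a regular file nor a directory (symlinks,
#     devices, FIFOs)
list_unsafe() {
    find "$1" -xdev \
        \( \( -type f -links +1 \) -o \( ! -type f ! -type d \) \) -print
}

# Chown directories and single-link regular files under $2 to owner $1.
# Returns 1 and reports on stderr if anything was skipped, so the service
# start can fail instead of silently handing over a foreign file.
fix_owner() {
    owner=$1
    dir=$2
    # -h: never follow a symlink when changing ownership.
    find "$dir" -xdev -type d -exec chown -h "$owner" {} +
    find "$dir" -xdev -type f -links 1 -exec chown -h "$owner" {} +
    unsafe=$(list_unsafe "$dir")
    if [ -n "$unsafe" ]; then
        printf 'refusing to chown (extra links or special file):\n%s\n' \
            "$unsafe" >&2
        return 1
    fi
    return 0
}

# Caveats: the link-count check and the chown are separate steps, so this is
# only sound while no process of the service user is running. On Linux,
# the sysctl fs.protected_hardlinks=1 stops the link from being created by an
# unprivileged user in the first place; check it with:
#   sysctl fs.protected_hardlinks
```

A start_pre() that called fix_owner sks:sks "${SKS_DIR}" and aborted on a non-zero return would leave a planted link untouched and make it visible in the service log.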
