The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security: How we did it

To: Daniel Quinlan <quinlan@proton.pathname.com>
Subject: Re: Security: How we did it
From: Jon Rabone <93jkr@eng.cam.ac.uk>
Date: Mon, 18 Nov 1996 15:21:37 +0000 (GMT)
Cc: debian-private <debian-private@lists.debian.org>
Importance: low
In-reply-to: <yf2hgmnzzpu.fsf@proton.pathname.com>
Priority: non-urgent
Reply-to: Jon Rabone <93jkr@eng.cam.ac.uk>
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"uYkZ33.0.ZM6.AA8ao"@master.debian.org>
Resent-reply-to: debian-private@lists.debian.org
Resent-sender: debian-private-request@lists.debian.org

On 17 Nov 1996, Daniel Quinlan wrote:

> Can you type "chmod 755 /usr/bin/dos"?  If you can, you can make DOSEMU
> secure.  Only people who already have root access can exploit it unless

Sadly, this is not true. Up until quite recently the DOSEMU code
re-introduced a very severe kernel level security hole, the LDT bug, which
was exploitable by anyone with an account on a system which happened to
be running DOSEMU, _irrespective_ of who was actually allowed to run
DOSEMU. 

There will always be security problems, and it must be said that low level
emulators are going to be more difficult to make secure, simply because of
their complexity. DOSEMU is particularly bad because it contains mangled
chunks of the kernel code, and is therefore likely to inherit kernel-level
(i.e. severe) holes.

Possibly we can implement a multiple-level security system with Debian -
add a Security field to the control file, taking a range of values
(Untested, Configurable (for packages that may be made set(u/g)id after
installation), Broken (for packages with known bugs - this might be useful
for cases where a CERT etc. advisory has been issued against code, but a
fix is not yet available and we still wish to distribute the package),
Secure (PGP countersigned from someone with authority to say 'This is
secure') etc. Further, dselect can be allowed to make security a priority
field, listing secure alternatives to packages first. I can't envisage
many packages where this would be useful right now, but it might make the
admin job easier (along with suitable explanations - DOSEMU might, for
example, say 'Of its nature this code may compromise the security of your
system. If this is a problem, read <insert refs> before installing'. 

Jon.

--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Follow-Ups:
- Re: Security: How we did it
  - From: Daniel Quinlan <quinlan@proton.pathname.com>

References:
- Re: Security: How we did it
  - From: Daniel Quinlan <quinlan@proton.pathname.com>

Prev by Date: Re: Binary-Only packages
Next by Date: Re: Security: How we did it
Previous by thread: Re: Security: How we did it
Next by thread: Re: Security: How we did it
Index(es):
- Date
- Thread