Wanna volunteer? :) Seriously, we wanted to update the site a long time ago, but we are not good at web design and our team is too small and quite busy to spend time on something we aren't good at. From the pure technical point of view, the site provides all the necessary information we wanted it to provide. True, there are no whistles and bells, but every bit of info is there. We would appreciate any help with making our site better!
Well, why do you want to expose a system to a risk in the first place if you can simply avoid it? There are too many vectors of attack on a transition from a non-privileged account to a more privileged one. BTW, the non-privileged account is there for a reason - to do regular stuff on a day-to-day basis, this also means that they are likely to be accessed from untrusted places (e.g. internet cafes, other people's computers, etc.). The risk of leaking credentials for such an unprivileged account is quite high.
Re: immutable/append-only flags -- you are obviously wrong, chattr -i and chattr -a are your friends to remove these flags in a normal multi-user runlevel, indeed, you need to be root to do it, though.
If you can't su or sudo, how do you get anything done?
This depends on the task. If you are a local user and need root powers - switch your console to a fresh one and log in as root. If you were talking about getting root powers on a remote host, the best practice is to ssh as root directly (given that you are behind a trusted terminal).
Oh, fandingo has already quoted the entire message I provided a link for in his/her comment "Dropping SUID doesn't improve security", however I don't agree with the comment title since proper dropping of SUID _DOES_ improve security, and Owl is one of such examples.
No, Fedora are using a different approach. We do not replace SUID/SGID with capabilities, instead we carefully design the system to take advantage of the standard Un*x OS level permissions. JFYI, all this buzz with replacing SUID/SGID binaries emerged from the recently discovered vulnerability (BTW, Owl was among the few distributions which weren't affected by that vulnerability at all), but unfortunately people are often getting things wrong when it comes to security. Please review the following message that describes some pitfalls along Fedora or Ubuntu's ways: http://www.openwall.com/lists/oss-security/2010/11/08/3 .
Yes, our distro doesn't encourage users to use su or sudo. The reason is that escalating privileges from a less privileged account to a more privileged account is bad from a security standpoint.
I found the following message in our mailing list. In this message Solar Designer explains the issue with su/sudo: http://www.openwall.com/lists/owl-users/2004/10/20/6
An excerpt from the above message:
"Presently, the only safe use for su is to switch from a more
privileged account to a less privileged one (whenever this distinction
can be made) in a non-interactive script (without a tty). As soon as
a tty is used, there is a security problem. As soon as you su to a
more privileged account, there is another security problem."
I hope you'd find this useful.
Well, a poorly written script (and there are many of these nowadays) on a web server may allow an execution of an arbitrary process on the server -- so our hardening measures will try to protect the system from the inside. Indeed, this is a quick response to your question, feel free to ask if you want me to elaborate further on this topic.
No, officially we don't support ARM, but I have plans to make an ARM build of a stripped down Owl since the number of ARM-based devices is rapidly growing at my home. :) A DSL modem, a NAS box, and a couple of netbooks - all are ARM based. This gives me a lot of temptation to build Owl for ARM. :)
Yep, tracking new messages here is a torture... I wish there was a mode to see just new messages since the last visit.
Basically if you exploit something with 'shadow' (i.e. passwd) you add a root user account to /etc/passwd and su to it.
This is not true. You can't do anything like this even if you acquire the shadow membership:
server!galaxy:~$ ls -ld /etc/passwd /etc/tcb
-rw-r--r-- 1 root root 3956 2010-06-03 21:08 /etc/passwd
drwx--x--- 99 root shadow 4096 2010-06-03 21:08 /etc/tcb
server!galaxy:~$
and the structure under /etc/tcb/ is also not writable to shadow:
server!root:~# ls -ld /etc/tcb /etc/tcb/galaxy
drwx--x--- 99 root shadow 4096 2010-06-03 21:08 /etc/tcb
drwx--s--- 2 galaxy auth 4096 2009-10-24 04:44 /etc/tcb/galaxy
server!root:~#
Re: crontab -- good luck with hijacking crontab on Owl :). The code was carefully audited for security issues and was hardened against possible abuses.
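An added example (not part of the original comment, and not Owl's own code): the classic Unix permission check applied to the three entries listed above, for a hypothetical process that holds only the shadow group. The subject name "nobody" and the function names are assumptions; the modes, owners and groups are taken from the quoted ls -ld output.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Entry:
    path: str
    mode: str   # 10-character mode string as printed by ls -l
    owner: str
    group: str


# Values copied from the ls -ld output quoted in the comment above.
ENTRIES = [
    Entry("/etc/passwd",     "-rw-r--r--", "root",   "root"),
    Entry("/etc/tcb",        "drwx--x---", "root",   "shadow"),
    Entry("/etc/tcb/galaxy", "drwx--s---", "galaxy", "auth"),
]


def effective_bits(entry, user, groups):
    """Return the (r, w, x) triad that applies to this subject.

    Exactly one class is used: owner if the user matches, else group if
    any group matches, else other. The root bypass is not modelled.
    """
    if user == entry.owner:
        triad = entry.mode[1:4]
    elif entry.group in groups:
        triad = entry.mode[4:7]
    else:
        triad = entry.mode[7:10]
    # 's' and 't' mean execute/search is set together with a special bit.
    return triad[0] == "r", triad[1] == "w", triad[2] in ("x", "s", "t")


def audit(user, groups):
    """Map each listed path to the access string granted to the subject."""
    result = {}
    for e in ENTRIES:
        r, w, x = effective_bits(e, user, groups)
        result[e.path] = ("r" if r else "-") + ("w" if w else "-") + ("x" if x else "-")
    return result


if __name__ == "__main__":
    # Hypothetical subject: a process that has gained only gid shadow.
    for path, access in audit("nobody", {"shadow"}).items():
        print(f"{access}  {path}")
```

For that subject the result is read-only on /etc/passwd, search-only on /etc/tcb, and no access to /etc/tcb/galaxy, so none of the listed entries is writable through the shadow group.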