-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 mop48836 wrote: ...
What really bothers me is what you guys pointed out: quoting Jorge: "That means, for ejemplo, that if the package contains files that will go into sensible dirs like /etc, /usr etc, all of them will belong to user kosta, which is ugly. ;-)"
Yes, but it's also a feature when used properly, because not everything is installed as root. Especially with daemons (servers), e.g. apache: they're often using their own, unprivileged, system account (e.g. "wwwrun" for apache), and some permissions have to be set accordingly.
So, suppose that someone builds rpms with those directives (%deffatr, ...) with "common" user names, like "mike", "dave", etc. (not like "kosta", rather unusual..) with the purpose to compromise, "statistically", those machines? Would that be possible?
Oh, sure, but you can do a lot of much nastier things with RPMs. RPMs have post-installation scripts. If you build an RPM with the following in the spec file: %post /bin/rm -rf / then, when you install that package, it will trash your system (i.e. remove all your files).
If yes, wouldn't it be a severe security flaw?? i can't believe that!!
Yes, somehow. That's why we need good packagers, a web of trust, and that's also why packages are digitally signed.
We enjoy Linux for many reasons, and i think that at least once is to have some security integrity, not like the other OS mentionned. I wish i am wrong, and that a distributed rpm in places not as "reliable" as sourceforge, packman, etc. could not lead anyone to having his/hers Linux box compromised.
Sure, it could. And you can't really change that, as you would have to strongly restrict RPM's
flexibility. Some RPMs also automatically create required user accounts, etc etc...
In the end, it is executing code as root. And that can punch quite a big hole in your system.
But on the other hand, it's also much required to work properly.
I don't really see a technical approach to avoid this.
cheers
- --
-o) Pascal Bleser http://linux01.gwdg.de/~pbleser/
/\\