PolicyKit releases and !AWOL
David Zeuthen
david at fubar.dk
Sun Dec 16 19:03:50 PST 2007

On Mon, 2007-12-17 at 03:02 +0100, Michael Biebl wrote:
> Interesting. X-GNOME-SystemSettings doesn't work for me (Debian unstable).
> Is this maybe a Fedora-only thingie?
>
> Please see also:
> http://standards.freedesktop.org/menu-spec/latest/apa.html

Not sure. Looks like Matthias got cut from the Cc list; adding him back.

> Well, making it 4754, means everyone can read the binary.
> If you make it 4750, the user can download the deb/rpm and extract the
> binary from there to read it. So you don't gain any additional
> security by making it non-readable.

No, but it makes it a lot harder; if you can read the file you can run
strings(1) and ldd(1) on it; that alone is a lot of useful information.
Sure, it doesn't add security but the program should be secure in the
first place (and I believe it is) otherwise it's a stop-ship bug.

It's not about "adding security" - the name of the game is about
limiting what damage can be done in the event there's a flaw in the
program. And making the file non-readable for world helps slow down the
would-be attacker (who is typically a 13-year old script kiddie with too
much time on his hands).

Also, what you are suggesting, making the file world readable, violates
the principle of least privilege: the user simply has no business
messing with that file; it's just an internal implementation detail of
higher level software (in this case libpolkit-grant.so).

David
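
The 4754 versus 4750 distinction discussed in this message, as an added example that is not part of the original e-mail or of PolicyKit: a Python audit that flags set-user-ID files whose mode still grants access to "other". The function names and the directory passed on the command line are assumptions.

```python
import os
import stat
import sys


def setuid_exposure(mode):
    """Findings for one st_mode value; empty unless it is a set-user-ID file."""
    if not stat.S_ISREG(mode) or not mode & stat.S_ISUID:
        return []
    findings = []
    if mode & stat.S_IROTH:
        findings.append("world-readable")
    if mode & stat.S_IXOTH:
        findings.append("world-executable")
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("writable by group or other")
    return findings


def audit_tree(root):
    """Map path -> (mode string, findings) for exposed set-user-ID files."""
    report = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode  # lstat: never follow symlinks
            except OSError:
                continue  # entry vanished or cannot be examined
            findings = setuid_exposure(mode)
            if findings:
                report[path] = (stat.filemode(mode), findings)
    return report


# Constructed sample modes: the two from the thread plus a non-setuid file.
SAMPLES = {"4754": 0o104754, "4750": 0o104750, "0755": 0o100755}

if __name__ == "__main__":
    for label, mode in SAMPLES.items():
        print(label, stat.filemode(mode), setuid_exposure(mode) or "ok")
    # Assumption: the directory holding the helper is given as argv[1].
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, (mode_str, findings) in sorted(audit_tree(root).items()):
        print(mode_str, path, ", ".join(findings))
```
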