[svlug] A strange thing...

Gies, Dennis dennis.gies at intel.com
Fri Oct 9 15:59:00 PDT 1998

Previous message: [svlug] A strange thing...
Next message: [svlug] Linus on Computer cronicles
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In case anyone is concerned about hiding their pornography from users of
locate,
there is a program called Secure Locate posted on freshmeat today.  It
stores
the security info along  with the file info, and only shows users what they
should be seeing....

Dennis Gies
dennis.gies at intel.com

> 
> There was actually a thread on bugtraq or another security 
> list which argued
> that letting ordinary users view the output of a "find" 
> running as root was
> a security hole, for various reasons.  (One is that some 
> security holes allow
> you to view the contents of arbitrary files, but you have to 
> know their
> filenames.  If every user can learn the name of every file on 
> the system, it
> will be easier to exploit such security holes.)
> 
> Another reason is that the existence of certain files can be 
> considered
> personal information.  Imagine
> 
> /home/doctor/medical_records/psychological/Joseph_R_Hacker
> 
> Sometimes information of a personal nature may be stored in 
> filenames.  Also,
> 
> /home/rival/completed-projects/big-huge-project.tar.gz
> 
> Perhaps rival does not want you to know which projects he has 
> completed.
> (This applies in business situations where servers are 
> operated by a third
> party, like an ISP, but used by various businesses; it also 
> applies in school
> situations, where instructors may create "drop box" 
> mechanisms of various
> types, which contain students' completed work.  Sometimes 
> whether or not you
> have finished something, or written something, or even 
> whether you are _aware_
> of something -- so as to have a file on it -- can be confidential.)
> 
> /home/rival/patent-application.dvi
> /home/rival/patent-application.ps
> 
> Aha, so rival is almost ready to file for his patent -- he's 
> printing out
> proofs of it!
> 
> Another famous case is "locate gif"; on some large multiuser 
> systems, in
> the old days, this would tell you who had porn, and how much, 
> and of what
> types -- even if the porn was kept in a private directory.  
> So updatedb
> running as root creates material for blackmail.  If you doubt 
> this, well, I
> can send you the output of "locate gif" and "locate jpeg" 
> from soda, a large
> multiuser box on campus -- _thousands_ of pictures, and those 
> are (now) just
> the ones people intentionally make available to others.
> 
> The bottom line is that letting people see the names of files 
> that they would
> not ordinarily have permission to learn about via directory 
> listings is
> considered a bad thing.  It was a deliberate decision on the 
> part of those
> who changed updatedb to run as nobody rather than root, as a 
> result of a
> detailed discussion.
> 
> --
>    Seth David Schoen L&S '01 (undeclared) / 
> schoen at uclink4.berkeley.edu
> He said, "This is what the king who will reign over you will 
> do."  And they
> said, "Nay, but we will have a king over us, that we also may 
> be like all the
> nations." (1 Sam 8)  http://ishmael.geecs.org/~sigma/   
http://www.loyalty.org/

--
echo "unsubscribe svlug" | mail majordomo at svlug.org
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ to unsubscribe

--
echo "unsubscribe svlug" | mail majordomo at svlug.org
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ to unsubscribe

Previous message: [svlug] A strange thing...
Next message: [svlug] Linus on Computer cronicles
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list