Re: Ownership and permissions for applications: security issues?
- Subject: Re: Ownership and permissions for applications: security issues?
- From: Steve Checkoway <email@hidden>
- Date: Thu, 13 Sep 2007 21:45:05 -0700
On Sep 13, 2007, at 11:27 AM, Greg Guerin wrote:

> Steve Checkoway wrote:
>> That said, one thing you could do is add a small binary in your app's
>> bundle such that if everything in your bundle isn't owned by root, you
>> run the binary which attempts to authorize itself (or possibly the app
>> authorizes and runs the binary as root) and then chown(2) everything
>> to root.
>
> Be careful with that approach.
>
> If the executable blindly does a chown(2), then a latent setuid-foo
> executable (e.g. a booby-trap left by malware) will become setuid-root.
>
> The integrity and authenticity of everything being chown'ed to root should
> be verified first. If something shouldn't be there, or isn't authentic, it
> should all be left alone.
>
> This presents another problem: the list of authentic items to chown should
> itself be authenticated... and so on.

I didn't mean to imply that I endorsed this approach, just that if he
were dead set on using 555 and 444 and really wanted to prevent the
user from changing it. I think it's a bad idea to be doing this.
As everyone pointed out, developers shouldn't be trying to protect
users from themselves in this manner.

> It would be less troublesome to create an Installer package.

Oh absolutely. Of course, for commercial stuff, you have to pay for a
license and even more to the point, this was about drag installed
applications.
--
Steve Checkoway
Xcode-users mailing list (email@hidden)