X-Original-To: alpine-devel@mail.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from mail.alpinelinux.org (dallas-a1.alpinelinux.org [127.0.0.1]) by mail.alpinelinux.org (Postfix) with ESMTP id C8D03DC09E9 for ; Sun, 31 May 2015 10:02:57 +0000 (UTC) Received: from mail-wi0-f175.google.com (mail-wi0-f175.google.com [209.85.212.175]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id 77DCADC00DF for ; Sun, 31 May 2015 10:02:52 +0000 (UTC) Received: by wizo1 with SMTP id o1so71228397wiz.1 for ; Sun, 31 May 2015 03:02:50 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=rh7fNfjIt3xBk68ontIc1LQ2cGKd+OxaKtnk6ukmf98=; b=k6wEM1xrUXvEXrwrnH6CVSMS/rULLMt27OIDwR+Jl+z1EMxZjbFTnm2/eZNyhXbRe3 xfpRkrYkc/7WWKp3KePbFtwEPzw6ZEY6VPw8+fNM/EGonE2ohz7K/bNrJzc8htdhqo7z +YMG2MhuwDtvKSU9uQQPih0+r4/hv4XkfPIxpvDm+GLnh07okyORvJLmpvJyqbV5YNAO 2GfHRD9ktIn8zguMN6zLNnpkGfeQoLKXg46JpP2i6xhWcuCB6myetRoyA1/5aztBqY7D LtSO6d7Xv4bT8NkV21zGvdob6uYo3QqXm2C79jPrqTHM0+vJl4T7ByjW5J6I9COA9yeB N1bQ== X-Gm-Message-State: ALoCoQm65edMJL+UMI8UlHXiry8/jnNvvg4hINk5VR/HgDvi9F8tBYu3AS7denot1tJNgmvKSCDO X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 X-Received: by 10.194.23.197 with SMTP id o5mr31453442wjf.75.1433066570714; Sun, 31 May 2015 03:02:50 -0700 (PDT) Received: by 10.180.189.5 with HTTP; Sun, 31 May 2015 03:02:50 -0700 (PDT) In-Reply-To: References: <20150527131901.790405cc@twinpeaks.my.domain> <20150529111035.0f06eb3e@twinpeaks.my.domain> Date: Sun, 31 May 2015 05:02:50 -0500 Message-ID: Subject: Re: [alpine-devel] 3.3 proposal: reduce number of SUID binaries as much as possible From: William Pitcock To: Orion Cc: alpine-devel@lists.alpinelinux.org Content-Type: text/plain; charset=UTF-8 X-Virus-Scanned: ClamAV using ClamSMTP Hello, On Fri, May 29, 2015 at 8:07 PM, William Pitcock wrote: > Hello, > > On Fri, May 29, 2015 at 1:10 PM, Orion wrote: >> # Note >> Trying to get rid of SUID/SGID executables from alpine-mini most likely >> will intruduce more complexity. I concede that this may not be worth the >> effort for the alpine-mini ISO as an install medium but as installation >> options, like choosing between between dropbear and openssh for your >> ssh daemon. >> >> On Fri, 29 May 2015 11:42:31 -0500 >> William Pitcock wrote: >> >>> As far as I know there's no SUID/SGID enabled packages in alpine-mini >>> other than bbsuid which we install to proxy only the SUID-needing bits >>> of busybox. >> >> While most likely that is true there are programs that are symbolically >> linked to /bin/bbsuid and don't strictly have to be. >> >> * /bin/ping >> * /bin/ping6 >> * /usr/bin/traceroute > > I am preparing to push a busybox update which handles this using file > capabilities as you mention below. This is now in busybox-1.23.2-r1. I am still investigating how best to handle migration to a TCB type thing. bbsuid presently wraps: === const static char * applets[] = { "/bin/mount", "/bin/umount", "/usr/bin/crontab", "/usr/bin/passwd", "/usr/bin/su", NULL }; === It may be more interesting to extend capabilities to handle /bin/mount and /bin/umount, or perhaps, require membership in a staff group to use those commands. /usr/bin/passwd is handled by TCB and I believe crontab can be handled by giving the user ownership of their crontab file. /usr/sbin/su, should of course, be suid. William --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---