Subject: Re: Shared libraries and crypt
To: Michael L. VanLoon -- Iowa State University <michaelv@iastate.edu>
From: Chris G. Demetriou <cgd@postgres.Berkeley.EDU>
List: current-users
Date: 03/17/1994 21:44:45
> The disadvantage is that if someone on your box can coax any security
> hole to write something over your shared libcrypt or to write
> something into that area of memory, everything on your box is suddenly
> compromised. Crypt should not be shared.
As i'm sure has probably been said in mail that's not reached me yet:
if someone on your box has the privs to do that, then:
(1) they've got root (in which case, you should pack up and
go home, if they know anything about the system -- if
not, they won't know about libcrypt anyway!)
(2) they've found a VM bug.
if (2), and they could overwrite the definition of crypt
in a global manner, they could e.g. overwrite the definitions of
'read' and 'write', etc. to do whatever they wanted too.
i.e. "pack up and go home."
having a shared crypt library:
(1) poses no significant additional security risks
(i.e. it can only screw you slightly more...)
(2) it makes life a fair amount easier for users and
developers.
If you're worried about a shared crpyt being your weakest
point, then, well, you obviously haven't e.g. looked at
those nice ethernet taps in other peoples' offices.
cgd
------------------------------------------------------------------------------