Subject: Re: HEADS UP: migration to fully dynamic linked "base" system
To: Noriyuki Soda <firstname.lastname@example.org>
From: Johnny Billquist <email@example.com>
Date: 08/27/2002 17:48:49
On Wed, 28 Aug 2002, Noriyuki Soda wrote:
> >>>>> On Tue, 27 Aug 2002 17:34:14 +0200 (CEST),
> Johnny Billquist <firstname.lastname@example.org> said:
> > While true, that goes both ways. It also becomes a potentially more
> > dangerour system. Sneak things into libc, and you have an even better
> > chance at perverting things.
> > I don't want to get into a security discussion here, but I don't really
> > like the dynamic library things being praised as a security improver.
> This objection doesn't make any sense.
If I put it this way then:
assuming you have a number of plastic cards, and a way of changing the PIN
code for all of them in one stroke. Would you consider it an improvement
of your security to have the same code on all cards?
> If an intruder can modify a file in root partion, he don't have to
> use libc as the target. Rather, he can use kernel image to modify.
> Then he can do everything he wants. (Even without dynamic /bin or
> /sbin, of course).
Yes. But assuming he can just manage by luck (or whatever) to sneak
something in, then libc is a really good candidate, even better now than
Johnny Billquist || "I'm on a bus
|| on a psychedelic trip
email: email@example.com || Reading murder books
pdp is alive! || tryin' to stay hip" - B. Idol