[prev in list] [next in list] [prev in thread] [next in thread]
List: gentoo-dev
Subject: Re: [gentoo-dev] Non-root emerges
From: Ned Ludd <solar () gentoo ! org>
Date: 2004-09-30 19:55:39
Message-ID: 1096574139.6464.1.camel () simple
[Download RAW message or body]
On Thu, 2004-09-30 at 15:21, Stephen P. Becker wrote:
> > Remember, it's not just security though. A bug in a script when run
> > as root could wipe out all or parts of a system.
> >
>
> ...which is the reason why we have sandbox. FEATURES="sandbox" causes
> an emerge to terminate immediately with an access violation if it
> attempts to touch system files before the build is complete.
>
> I'm not saying you are wrong by the way, I'm just pointing out that
> stuff like this has been thought of before, so portage has safety nets
> accordingly.
And sandbox does such a good job.
cd /usr/lib/portage/bin/ && HOME=`perl -e 'print "A"x512'` && ./sandbox
========================== Gentoo linux path sandbox
===========================
Detection of the support files.
Verification of the required files.
Setting up the required environment variables.
sandbox: stack smashing attack in function setenv_sandbox_write()
Aborted
>
> Steve
>
>
>
> --
> gentoo-dev@gentoo.org mailing list
--
Ned Ludd <solar@gentoo.org>
Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic