Installing a compiler by default
maihem at maihem.org
Fri Jun 16 04:19:34 BST 2006
Michael T. Richter wrote:
> I call attention to the beginning of the section you quoted:
[somebody wrote (but I haven't got a clue who):]
>>>>> But if your target is Ubuntu it will be trivial to work around the lack
>>>>> of a compiler. You're root - you can just upload one or even apt-get
> Note the words "you're root" in the establishing conditions?
For the vast majority of Ubuntu installations that is essentially true.
It is trivial for an attacker, with just a little patience and the
typical end user, to get root from the default user account of the
default install. I believe that is part of the intended trust model of
IE: don't use any apps that are supposed to sanitise then process
untrusted data as the default user. That means email, web, IM/IRC/etc.
You should be doing your daily work from a second user account that
doesn't have any configured capabilities via sudo - and do your system
administration by logging in directly to the first user account and
using sudo. This should be in the introductory documentation and the
second user should be set up by default - or the trust model should be
improved (the latter is my personal favourite).
sudo is not a barrier to a concerted or automated attack, only against
casual, half-hearted attempts.
Any opinions expressed in this message are my own opinions or those of
somebody I'm quoting, and I am not speaking for my employer.
More information about the sounder