sudo security concerns ?
Karl Hegbloom
hegbloom at pdx.edu
Fri Nov 26 15:08:45 CST 2004
On Fri, 2004-11-26 at 13:35 +0000, Scott James Remnant wrote:
>
> sudo with a timeout /in general/ leaves that bridge open for only as
> long as the timeout, whereas sudo with a zero timeout tends to make
> people leave a bridge there full-time.
At the very least, this issue should be documented in the manuals. Warn
users not to do that. Explain the possibility, tell them not to do
that.
Security through obscurity is not going to prevent the inevitable. As
the Linux desktop gains popularity, it will certainly attract the
attention of the kind of low-life that spray graffiti on things, steal
people's identities, and write computer virus programs. You can play
chess poorly and win when you play against a beginner, but not when you
play against an expert. Inevitably, there will be some out there better
at chess than you are. We have to make the right moves and protect our
king. This situation with Sudo looks to me like a relatively easy
target to hit...
Isn't there something in the X security model that can prevent a program
from reading keystrokes at certain times? How does that work? IIRC,
there's a menu item on 'xterm' for "secure keyboard". Does it really
work? So if the X keyboard is 'grabbed' or 'secured', then the only way
to monitor keystrokes is by a root process with access to kmem, or
kernel module, right?
When I use 'sudo' in a terminal emulator, the terminal does not
necessarily secure the keyboard when I type the password. Is there an
xterm control sequence, like the ones for setting the title bar (see the
'xtermset' package) that can have it secure the keyboard? Is there a
way for sudo to detect that it's running in a terminal that supports
this?
--
Karl Hegbloom
(o_ mailto:hegbloom at pdx.edu
//\ jabber:karlheg at jabber.org
V_/_ yahoo:karlheg
More information about the ubuntu-devel
mailing list