Security question

[Colin Watson]

On Tue, Dec 17, 2013 at 01:41:24PM -0500, Rashkae wrote:
> On 13-12-17 01:21 PM, Colin Watson wrote:
> >On Mon, Dec 16, 2013 at 08:09:14PM -0500, Rashkae wrote:
> >>That's a very good catch.  My system also has the home bin
> >>directories at the start of my PATH, something I never even though
> >>to check!
> >>
> >>Yes, it's true that this poses a security risk.
> >
> >No, it really doesn't.  That directory is only writable by your user, so
> >anyone who can write to that directory can also control your user in
> >myriad other ways; for example they could use the exact same access to
> >modify ~/.bashrc.  If they have this access, they're already inside the
> >security boundary you're trying to defend.
> 
> I already explained the attack method in the e-mail, which you
> convenient cut out in you're reply, rather than address it.

I did address it; I just didn't feel it necessary to overquote.  Your
"attack vector" is in effect identical to many other ways you can use
the ability to write to the filesystem using a user's filesystem
privileges to attack that user, such as the ~/.bashrc method I noted.
You cannot defend a security boundary that simply does not exist in any
practical sense.

-- 
Colin Watson                                       [cjwatson at ubuntu.com]