From: ng0 <contact.ng0@cryptolab.net>
To: Danny Milosavljevic <dannym@scratchpost.org>
Cc: guix-devel@gnu.org
Subject: Re: server and client in one package -> security issue (was: Add murmur)
Date: Tue, 14 Feb 2017 09:51:11 +0000
Message-ID: <20170214095111.mlehnt2mkqm57nza@wasp>
In-Reply-To: <20170214101651.068fb59a@scratchpost.org>

On 17-02-14 10:16:51, Danny Milosavljevic wrote:
> Hi,
>
> I think the argument that things that don't exist can't be abused is a good one.
>
> However, a regular user can install it anyway. I don't remember when I last ran "guix package -i" as root. I just run it using my regular user account.
>
> So to separate the outputs adds just a minuscule step.
>
> In the end, there's a trade-off to be made. Either we trust users to develop, too, or not. Obviously they can use it for good or bad, then.
>
> I myself am a free software hacker and I'd prefer if systems automatically had the development stuff installed so others can be free software hackers, too.
>
> And an experienced hacker doesn't need header files either. I made up some of my own just searching Google - it's not difficult and takes about 30 min at most.
>
> If we want hardened critical production systems, I agree it should only contain absolutely required files with programs as simple as one can get them, use SELinux and use hardened gcc and someone should have reviewed the base libraries and any other stuff that runs (basically until a reasonable confidence level is reached).
>
> I don't think Guix should do that, though. IMO locking down everything for users is basically the antithesis of the FSF.
>
Interjecting here my opinion for a short moment, I think with hardening
gcc and other parts of the toolchain more can be achieved.

I don't want to be too optimistic, but I hope to be done with one part
of this by summer (doing work in parallel).

Whatever results from this discussion should be written down in the
documentation, as this is obviously an impression and question which
could arise.

What makes my gut feeling (practical experience with hardening is
limited to the SysOps and compiling side with me) okay is that Gentoo
doesn't do much more than some ELF, PaX kernel (at your choice), GrSec
or SELinux, some tools for pax etc, and hardening the libcs.

--
ng0 -- https://www.inventati.org/patternsinthechaos/