Re: Viruses

[James Aylett <dj-gnome insigma com>]

On Wed, Jul 07, 1999 at 12:55:37AM +0100, Bruce Stephens wrote:

[Scripts during package installation]
> How necessary a vulnerability is it?  How many sorts of
> install/uninstall scripts are there?  (i.e., how feasible would a
> "safe" rpm be---one that could just run ldconfig if asked, say?)

Many Debian packages do quite a lot with their scripts, I think. Say you're
installing a mailer - then it needs to sort out all the config scripts
(because they generally need specific information taking from the running
system), probably frob /etc/aliases a bit, maybe do a few other things.

Short of using ld-preload to wrap all file system calls so it can only write
to things it installed, I can't see a sensible solution to that. Even then,
there are going to be the irritating one or two packages that are really
essential and need more. (A random example that floats through my head is
that if you install, say, xntpd, you probably want it installed into
/etc/init.d/ and set up to run automatically, and then started - all as part
of the install process.)

Certainly with Debian dpkg you can ask it what it's going to do beforehand,
but most people wouldn't bother.

Someone mentioned signing packages (I think it was right at the start of
this thread, actually). While in principle a good idea, you've got to check
the signature against something, somehow. If you've got Internet access,
modulo DNS spoofing and the host site being cracked, you can do that from
there.

I guess the more secure route would be similar to PGP's trusting system;
you'd require someone you trust to vouch for the distro you're working with.
I have a feeling that that would never work in practice, though ...

James

-- 
/--------------------------------------------------------------------------\
  James Aylett                                           www.zap.uk.eu.org
  james@tartarus.org                                    www.footlights.org