Ticket #502 (closed defect: fixed)

Opened 13 years ago

Last modified 12 years ago

[S] Possible privilege escalation in security init scripts

Reported by: mggr Owned by: pjkersha
Priority: desirable Milestone: System Integration
Component: security Version:
Keywords: Cc: mggr@…

Description

The current init scripts (source:TI12-security/trunk/python/share) source ndgSetup.sh (owned by a non-root user) as root. If the non-root user is compromised, ndgSetup.sh could be altered to allow arbitrary commands to be executed as root on the next running of the init script.

One solution might be to execute the command as a sub-shell owned by the non-root user (not looked into this in enough detail to offer code yet).

Probably not a big deal, but best to be safe :)

Change History

comment:1 Changed 13 years ago by pjkersha

  • Status changed from new to assigned

Ensure script is executed by the ndg user by putting the source script command within the 'su' that starts the python server script.

comment:2 Changed 12 years ago by pjkersha

  • Cc mggr@… added
  • Status changed from assigned to closed
  • Resolution set to fixed

Updated init scripts for use with Twisted. This has simplified the system start up for individual security web services. The ndg setup script is now not referenced: it must be configured within the user account used to run twistd. For example execute ndgSetup.sh from user .bashrc file.

Note: See TracTickets for help on using tickets.