Date: Sat, 25 Apr 1998 20:27:50 -0700 From: "Jordan K. Hubbard" <jkh@time.cdrom.com> To: Eivind Eklund <eivind@yes.no> Cc: Alex <garbanzo@hooked.net>, hackers@FreeBSD.ORG Subject: Re: Speaking of packaging tools.. Message-ID: <15211.893561270@time.cdrom.com> In-Reply-To: Your message of "Sun, 26 Apr 1998 05:10:43 %2B0200." <19980426051043.29132@follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Neat - but do we really want to go in the direction of packages that > can contain trojans? Personally I wouldn't like running a Erm.. We've not only already gone in that direction, we reached the destination long ago and have spent enough time at the location to build a small town there. The existing pkg_add format is a walking, talking demonstration model for creating packaged trojans and I'm not talking about condoms (rim shot) - the +INSTALL component of a pkg can be literally anything from a benign shell-script to a system-eating binary horror. There are no checks on what it does save for the permissions available to the uid pkg_add is running as, that generally being root of course. Packages aren't even SIGNED, as you well know, and it'd be essentially correct to say that the *BSD package system is completely, totally and utterly without any form of security whatsoever and is probably saved only by the fact that hacking it would prove no challenge whatsoever and hence isn't enough fun. :-) What I'm more curious to know about these self-extractors is where exactly they extract and how one controls that behavior. The biggest problem with executable packages is also, of course, the fact that people will typically use ftp to xfer them and they won't then run without the user knowing how to use chmod to set the execute bit. This isn't a problem that pkg_add has to worry about with data files. Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15211.893561270>