Add patch to global.pp
Toshio Kuratomi
a.badger at gmail.com
Fri Jul 17 02:59:01 UTC 2009
ricky and I were considering adding patch to global.pp and dennis
brought up that it might be a command used to do malicious stuff. So
what do you guys think?
Pros:
patch makes some things much easier to do. Want to cherrypick a change
as a hotfix? Many times patch is needed to apply the diff. Want to
replicate some changes from server1 to servers 2, 3, and 4? diff on
server1, patch on the others. Need to review a change that someone else
has done and then apply it? Read the diff they give you and apply it
rather than grabbing the whole file, doing the diff yourself, and then
applying it.
Cons:
patch is a commonly used utility that is often used to edit files. So
the principle of not installing things that aren't needed makes it one
more tool that an attacker won't have if they get remote execution on a
box they shouldn't. However, there's many other things that an attacker
can do if they gain remote execution. Rather than retrieving a diff and
applying that to a file, the attacker can just retrieve a file and then
replace the existing one; we have wget, curl, and scp installed. ed,
sed, perl, python, and other text processing tools are available. I'm
thinking if the attacker can gain the ability to execute a remote
command and they have permission to touch files that are going to cause
us harm, lack of patch isn't going to save us.
Other:
* patch doesn't have any deps that aren't already installed on one of
our boxes.
What's the consensus here?
-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20090716/81d6f65d/attachment.bin
More information about the infrastructure
mailing list