|
|
Log in / Subscribe / Register

Fedora to (try to) remove setuid files for F15

Fedora to (try to) remove setuid files for F15

Posted Nov 8, 2010 8:56 UTC (Mon) by dlang (guest, #313)
In reply to: Fedora to (try to) remove setuid files for F15 by solardiz
Parent article: Fedora to (try to) remove setuid files for F15

we have different criteria for what's acceptable.

I don't see anything fundamentally wrong with using the same account to launch su and to do other things, and I see a major problem with using the same SSH keypair for different purposes.

to post comments

Fedora to (try to) remove setuid files for F15

Posted Nov 8, 2010 9:25 UTC (Mon) by solardiz (guest, #35993) [Link] (1 responses)

It could be different criteria, but I've actually seen security compromises propagate from non-root to root due to use of su or sudo while also using the same non-root account for other purposes and/or logging in to it from more places.(*) I haven't seen any security compromises that I could attribute to SSH keypair reuse for root and non-root on the same target machine.

(*) I've also seen security compromises propagate from one server to another via scp/sftp/ssh invoked _from_ a server.

What specific major problem do you see with using the same SSH keypair for root and non-root on the same target system? I do see how using different keypairs - only with different and very strong private key passphrases - would potentially improve security a little bit if the "root keypair" is extremely rarely used. But that sounds like more of an exception than the typical case, especially when one has to co-administer many servers. There's simply no other sane choice than to accept some SSH keypair reuse. We typically opt to use one SSH keypair per person per target network or target project:

http://openwall.info/wiki/internal/ssh

Fedora to (try to) remove setuid files for F15

Posted Nov 9, 2010 3:40 UTC (Tue) by cras (guest, #7000) [Link]

I'd think you can create a poor man's su/sudo by simply creating a new SSH key, adding it to root's allowed_keys and use "alias sudo ssh -i ~/.ssh/id_dsa.root root@localhost". sudo-style password remembering can be done by ssh-agent.

BTW. I like your way of getting rid of setuid binaries more. That's actually what I thought F15's plan was when I first read the headline, but then got disappointed.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds