Message-ID: <1080507500.5085.15.camel@coruscant.weisserth.net>
From: tobias at weisserth.de (Tobias Weisserth)
Subject: Cronning Update Jobs <- really a bad idea in Portage

Hi there,

On Sun, 28.03.2004 at 17:24, Nico Golde wrote:
> Hello Luke,
>
> * Luke Norman <luke@...manonline.co.uk> [2004-03-27 17:28]:
> [...]
> > My question is this - are there any security risks to adding this
> > command to a cron job, and having it execute say, once every 12 hours.
> > Any and all input appreciated
>
> is it a risk if you do it manually? see? ;-)
> regards nico

There's always the issue of integrity checking. Using automatic updates in
conjunction with AIDE or Tripwire is pointless. It ruins the database and
makes it very hard to spot unwanted changes each time an automatic update is
done.

One more problem is the compile times. Since Gentoo emerges everything (well,
most things, 99%) from source and compiles it, this leaves your machine at
random times (whenever the cron job runs) very vulnerable to denial of service
issues, since the CPU will be VERY busy compiling. If you don't know in advance
which stuff it emerges (this could be much or nothing at all) this is a pretty
risky thing. You might want to plan emerging bigger ebuilds as opposed to just
running a cron job, to avoid unwanted downtime due to compiler activity.

Then there's the problem of configuration file swaps. Portage won't overwrite
a config file, but when the machine is rebooted or a service restarts, the
newer version of a service might expect the newer config file and stop working
properly. You'll have to monitor configuration updates yourself, so there's no
point in handling updates automatically.

Automatic updating in Gentoo on machines providing external services is also a
stupid idea, since Portage does a lot of version bumps and this will ruin a
perfectly stable box most of the time. What if the newer version doesn't work
in your setup but emerged without problems? If you don't monitor the automatic
emerging activities regularly you won't even be able to tell with certainty
what the cause of the problem is.

I'd even go further. Running external services on a Gentoo box is probably not
recommended at all. General security and bug handling hasn't reached a level
acceptable for server use in my opinion yet. But opinions and risk willingness
differ.

regards,
Tobias W.

-- 
***************************************************
   ____ _____
  |  _ \| ____|   Tobias Weisserth
  | | | |  _|     tobias@...sserth.[de|com|net|org]
 _| |_| | |___    http://www.weisserth.org
(_)____/|_____|   Encrypted mail is welcome. Key and fingerprint:
                  http://imprint.weisserth.org
***************************************************
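A report-only alternative to the cron'd emerge this thread warns about, added here as an example and not part of Tobias's post: it only previews the world update and counts the `._cfg????_*` files Portage stages under CONFIG_PROTECT instead of overwriting, so the admin rather than cron decides when to merge (and can refresh the AIDE/Tripwire database afterwards). The `--pretend` flags and the `._cfg` naming are standard Portage behaviour; the PROTECT_DIRS default and the function names are my own assumptions.

```shell
#!/bin/sh
# Report-only cron helper: never runs a real merge, so the integrity-checker
# database and CONFIG_PROTECT'ed files change only when a human acts.
# Assumption: CONFIG_PROTECT is the default /etc; override PROTECT_DIRS if not.
PROTECT_DIRS="${PROTECT_DIRS:-/etc}"

# List config files Portage staged instead of overwriting (._cfg0000_name).
pending_config_updates() {
    dir="${1:-$PROTECT_DIRS}"
    find "$dir" -name '._cfg????_*' -type f 2>/dev/null | sort
}

# Number of staged config files; non-zero means etc-update/dispatch-conf is due.
count_pending_configs() {
    pending_config_updates "$1" | wc -l | tr -d ' '
}

# Dry-run the world update so the admin sees what WOULD be rebuilt (and how
# long the CPU would be busy) before anyone runs emerge for real.
preview_updates() {
    if command -v emerge >/dev/null 2>&1; then
        emerge --pretend --update --deep world 2>&1
    else
        echo "emerge not found; preview skipped"
        return 1
    fi
}

# Cron entry point: mail-friendly report; exits non-zero while a human
# still has staged config files to review.
report() {
    n=$(count_pending_configs "$1")
    echo "== staged config files in ${1:-$PROTECT_DIRS}: $n =="
    pending_config_updates "$1"
    echo "== packages a real emerge would rebuild =="
    preview_updates || true
    [ "$n" -eq 0 ]
}

if [ "${1:-}" = "--run" ]; then
    report "$2"
fi
```

Run it from cron as `update-report.sh --run` and let cron mail the output; a non-zero exit is the signal that etc-update is pending.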