Re: [PATCH] Remove absolute paths from gpg.rc

To: Mutt Developers <mutt-dev@xxxxxxxx>
Subject: Re: [PATCH] Remove absolute paths from gpg.rc
From: Oswald Buddenhagen <ossi@xxxxxxx>
Date: Fri, 23 Mar 2007 11:00:35 +0100
In-reply-to: <20070323004520.GE30010@xxxxxxxxxxxxx>
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?Subject="Unsubscribe Mutt Dev"?body=unsubscribe>
Mail-followup-to: Mutt Developers <mutt-dev@xxxxxxxx>
References: <20070315164052.GB6801@xxxxxxxx> <20070316174736.GC26519@xxxxxxxxxxxxxxxxx> <20070318084444.GJ5260@xxxxxxxxxxxxxxx> <20070320035137.GU23035@xxxxxxxxxxxxx> <20070320072836.GF5260@xxxxxxxxxxxxxxx> <20070320111417.GC4849@xxxxxxxxxx> <20070322140926.GL265@xxxxxxxxxxxxxxxxxxx> <20070322163443.GQ5260@xxxxxxxxxxxxxxx> <20070323004520.GE30010@xxxxxxxxxxxxx>
Sender: owner-mutt-dev@xxxxxxxx
User-agent: Mutt/1.5.14 (2007-03-03)

On Thu, Mar 22, 2007 at 08:45:20PM -0400, Derek Martin wrote:
> In many places, computers are shared resources, and often groups are
> collaborating.  It may be that as a matter of policy, the programs
> being developed by the group must go into a directory writable by the
> group.  A malicious user -- perhaps someone intent upon stealing a
> coworker's research -- could insert a trojaned copy of gpg which works
> correctly for everyone except the target user, into the shared
> directory. 
> 
that example doesn't make too much sense. as an attacker, i'd trojanize
mutt itself (too). and you can't really expect users to use
/usr/bin/mutt to start it. if you really want to, you can make PATH
empty in the first place. but then, why would you add the shared bin
directory to PATH? and anyway, if you are in a situation where you have
to execute code written by users you cannot trust, you already have lost
anyway.
the point is still the same: apply security where it provably makes
sense. that means to distrust PATH only in setuid programs.

-- 
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Chaos, panic, and disorder - my work here is done.

References:
- [PATCH] Remove absolute paths from gpg.rc
  - From: Christoph Berg
- Re: [PATCH] Remove absolute paths from gpg.rc
  - From: Brendan Cully
- Re: [PATCH] Remove absolute paths from gpg.rc
  - From: Dave
- Re: [PATCH] Remove absolute paths from gpg.rc
  - From: Derek Martin
- Re: [PATCH] Remove absolute paths from gpg.rc
  - From: Dave
- Re: [PATCH] Remove absolute paths from gpg.rc
  - From: Oswald Buddenhagen
- Re: [PATCH] Remove absolute paths from gpg.rc
  - From: Vincent Lefevre
- Re: [PATCH] Remove absolute paths from gpg.rc
  - From: Dave
- Re: [PATCH] Remove absolute paths from gpg.rc
  - From: Derek Martin

Prev by Date: mutt: new changeset
Next by Date: Re: [PATCH] Remove absolute paths from gpg.rc
Previous by thread: Re: [PATCH] Remove absolute paths from gpg.rc
Next by thread: Re: [PATCH] Remove absolute paths from gpg.rc
Index(es):
- Date
- Thread