:: Re: [DNG] sup - a "small is beautif…
Startseite
Nachricht löschen
Nachricht beantworten
Autor: Hendrik Boom
Datum:  
To: dng
Betreff: Re: [DNG] sup - a "small is beautiful" tool for UNIX privilege escalation
On Thu, Mar 17, 2016 at 09:29:56PM +0100, Jaromil wrote:
>
> sup is different from doas, because doas is configured at runtime:
> http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/doas.conf.5
> while sup security model is based on the fact it has its settings
> compiled in, so when one put the binary as suid, one can be sure it
> will only execute the programs it has been built for.


It has never been clear to me why a compiled-in configuration is more
secure than a hand-edited run-time configiration file.

It is surely as easy to emplace a mmalicious executable as a
malicious configuration file. And the damaged configuration file is at
least auditable -- just look it over with less.

-- hendrik