Datasheet
“main” (Installation and Administration) — 2004/6/25 — 13:29 — page 684 — #710
i
i
i
i
i
i
i
i
The permissions of the more than 200,000 files included in a SUSE distribu-
tion are carefully chosen. A system administrator who installs additional
software or other files should take great care when doing so, especially
when setting the permission bits. Experienced and security-conscious sys-
tem administrators always use the -l option with the command ls to get
an extensive file list, which allows them to detect any incorrect file permis-
sions immediately. An incorrect file attribute does not only mean that files
could be changed or deleted. These modified files could be executed by
root or, in the case of configuration files, programs could use such files
with the permissions of root. This significantly increases the possibilities
of an attacker. Attacks like this are called cuckoo eggs, because the program
(the egg) is executed (hatched) by a different user (bird), just like a cuckoo
tricks other birds into hatching its eggs.
A SUSE LINUX system includes the files permissions, permissions.
easy, permissions.secure, and permissions.paranoid, all in the
directory /etc. The purpose of these files is to define special permissions,
such as world-writable directories or, for files, the setuser ID bit (programs
with the setuser ID bit set do not run with the permissions of the user that
has launched it, but with the permissions of the file owner, in most cases
root). An administrator can use the file /etc/permissions.local to
add his own settings.
To define which of the above files is used by SUSE’s configuration pro-
grams to set permissions accordingly, select ‘Security’ in YaST. To learn
more about the topic, read the comments in /etc/permissions or con-
sult the manual page of chmod (man chmod).
Buffer Overflows and Format String Bugs
Special care must be taken whenever a program is supposed to process
data that can or could be changed by a user, but this is more of an issue for
the programmer of an application than for regular users. The programmer
must make sure that his application interprets data in the correct way, with-
out writing them into memory areas that are too small to hold them. Also,
the program should hand over data in a consistent manner, using the inter-
faces defined for that purpose.
A buffer overflow can happen if the actual size of a memory buffer is not
taken into account when writing to that buffer. There are cases where this
data (as generated by the user) uses up some more space than what is
available in the buffer. As a result, data is written beyond the end of that
buffer area, which, under certain circumstances, makes it possible that a
program executes program sequences influenced by the user (and not by
684 26.7. Security and Confidentiality