Posts: 245 | Thanked: 915 times | Joined on Feb 2012
#135
Originally Posted by wicket
Well, I knew that the purpose of opensh was to provide real root; what I didn't realise was that setuid(0), setgid(0) was used to achieve this. I'll admit I was naive to install it without knowing this, but what surprised me was how nothing has been done to lock it down. To quote the author (http://maemo.cloud-7.de/HARM/N9/openmode_kernel_PR1.1/):



No way is the default install of opensh as safe as any Linux system. Perhaps most people here find it acceptable to be able to gain root access without some form of password or key. Fremantle's rootsh was just as vulnerable.
If opensh asserted all Aegis credentials, but didn't switch to the root user, one could still trivially become root using either the tcb or CAP::setuid credentials, both of which would be available. Merely having opensh run as the current user wouldn't do anything at all to improve security.

Under other circumstances I'd be a bit more fervent about locking down access to credentials/root, but with Harmattan as it is I'm afraid it's a bit of a lost cause. That said, the Aegis-aware sudo I proposed earlier is definitely something that's required.

Edit: Also, you can get rid of opensh without getting rid of INCEPTION - just do apt-get remove opensh from a root shell and you're set.

Last edited by itsnotabigtruck; 2012-03-26 at 05:15.