09-15-2011, 09:53 AM
Alan Pope

update-manager not asking for authentication in Oneiric Beta

On 15 September 2011 09:47, Colin Law <clanlaw@googlemail.com> wrote:
> I would be interested in comments on this bug ([Oneiric]
> update-manager installs packages without authentication)
> https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/814331
>

Looks like a good idea to me.

> To summarise, in Oneiric Beta when an administrator user installs
> upgrades he/she is not asked to authenticate.

The authentication does happen via policykit, so it does _know_ you're
"allowed" to do the update. It just doesn't prompt you for a password
to prove it's 'you'.

> The bug is marked as
> won't fix even though it is (as far as I can see) a change from
> previous operation.
>

Change does not always equal bug.

> 1. Should update manager ask for authentication?
>

I don't think so, no. I like the idea that it pops up and says "hey
there's updates" and I can easily dismiss it quickly to do the updates
without having to type a password.

> 2. I thought that one of the principles of Linux that makes it much
> less open to attack is that one cannot write to system areas of disk
> without authentication. How is it then that update manager is able to
> do this (whether by accident or design) without authentication?
>

You have authentication. You logged in with a username and password.
You're also (probably) sat at the machine. So when update manager
appears, chances are it's you (and not someone else) who sees it and
proceeds with the update.

If someone else is at your machine and doing malicious things to
update manager (is updating a machine malicious?) then all bets are
off anyway, because you've given someone else physical access to your
computer. They could screw up your system much more easily and more
comprehensively than update manager could ever hope to.

Al.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
09-15-2011, 11:11 AM
Colin Law

update-manager not asking for authentication in Oneiric Beta

On 15 September 2011 10:53, Alan Pope <alan@popey.com> wrote:
>
>> 2. I thought that one of the principles of Linux that makes it much
>> less open to attack is that one cannot write to system areas of disk
>> without authentication. How is it then that update manager is able to
>> do this (whether by accident or design) without authentication?
>>
>
> You have authentication. You logged in with a username and password.
> You're also (probably) sat at the machine. So when update manager
> appears, chances are it's you (and not someone else) who sees it and
> proceeds with the update.

Normally if I run an app, or a command from the terminal, that
attempts to write to the system area on disk, that is not allowed.
Hence I have to use sudo with apt-get upgrade. How is it that I can
use update-manager to do that, but not apt-get?

>
> If someone else is at your machine and doing malicious things to
> update manager (is updating a machine malicious?) then all bets are
> off anyway, because you've given someone else physical access to your
> computer. They could screw up your system much more easily and more
> comprehensively than update manager could ever hope to.

I thought the fact that I could not write to the system area without
re-authentication was one of the features that made Linux less
vulnerable to viruses and so on. What is it that allows
update-manager to do that but not a virus or other malware? You may
already have answered that question above.

Colin

--
gplus.to/clanlaw

09-15-2011, 11:46 AM
Alan Pope

update-manager not asking for authentication in Oneiric Beta

On 15 September 2011 12:11, Colin Law <clanlaw@googlemail.com> wrote:
> Normally if I run an app, or a command from the terminal, that
> attempts to write to the system area on disk, that is not allowed.
> Hence I have to use sudo with apt-get upgrade. How is it that I can
> use update-manager to do that, but not apt-get?
>

update-manager supports policykit, a framework which allows
applications to be given the ability to do this. If you take a look at
the policykit file linked from the bug report you can see this:-

[Update already installed software]
Identity=unix-group:admin
Action=org.debian.apt.upgrade-packages
ResultActive=yes

So as I understand it this says that the dbus action
"org.debian.apt.upgrade-packages" (which is part of aptdaemon) will
return 'yes' (allow) installation of updated packages if the current
user is a member of the unix group 'admin'. You (as the first user)
are a member of this group, other users are not.

I would guess that apt-get does not support policykit/dbus in the same
way update-manager does.

> What is it that allows
> update-manager to do that but not a virus or other malware? You may
> already have answered that question above.
>

I don't know enough about dbus/policykit to answer that.

Al.
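
Added example, not part of any poster's message and not code from update-manager or aptdaemon: a small Python reader for the .pkla entry quoted above that lists which entries answer 'yes' (no password prompt) for a given user, group set and action. The second sample entry, the action name org.example.placeholder-action, the user names and both function names are assumptions made for illustration.

```python
import configparser
from fnmatch import fnmatchcase

# Constructed input. The first entry is the one quoted in the thread; the
# second is a hypothetical stricter entry with a placeholder action name.
SAMPLE_PKLA = """\
[Update already installed software]
Identity=unix-group:admin
Action=org.debian.apt.upgrade-packages
ResultActive=yes

[Hypothetical stricter entry]
Identity=unix-group:admin
Action=org.example.placeholder-action
ResultActive=auth_admin_keep
"""
RESULT_KEYS = ("ResultAny", "ResultInactive", "ResultActive")


def parse_pkla(text):
    """Return one dict per [section] of a .pkla file."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.optionxform = str  # keep key case as written
    cp.read_string(text)
    split = lambda s: [p.strip() for p in s.split(";") if p.strip()]
    return [{"name": n,
             "identities": split(cp[n].get("Identity", "")),
             "actions": split(cp[n].get("Action", "")),
             "results": {k: cp[n][k] for k in RESULT_KEYS if k in cp[n]}}
            for n in cp.sections()]


def passwordless_grants(entries, user, groups, action):
    """(entry name, result key) pairs that answer 'yes' with no prompt."""
    # Ordering and override rules between entries are not modelled here.
    who = {f"unix-user:{user}"} | {f"unix-group:{g}" for g in groups}
    hits = []
    for e in entries:
        if not any(fnmatchcase(w, p) for w in who for p in e["identities"]):
            continue
        if not any(fnmatchcase(action, p) for p in e["actions"]):
            continue
        hits += [(e["name"], k) for k, v in e["results"].items() if v == "yes"]
    return hits


if __name__ == "__main__":
    print(passwordless_grants(parse_pkla(SAMPLE_PKLA), "alice", ["admin"],
                              "org.debian.apt.upgrade-packages"))
```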

09-15-2011, 12:27 PM
Colin Law

update-manager not asking for authentication in Oneiric Beta

On 15 September 2011 12:46, Alan Pope <alan@popey.com> wrote:
> On 15 September 2011 12:11, Colin Law <clanlaw@googlemail.com> wrote:
>> Normally if I run an app, or a command from the terminal, that
>> attempts to write to the system area on disk, that is not allowed.
>> Hence I have to use sudo with apt-get upgrade. How is it that I can
>> use update-manager to do that, but not apt-get?
>>
>
> update-manager supports policykit, a framework which allows
> applications to be given the ability to do this. If you take a look at
> the policykit file linked from the bug report you can see this:-
>
> [Update already installed software]
> Identity=unix-group:admin
> Action=org.debian.apt.upgrade-packages
> ResultActive=yes
>
> So as I understand it this says that the dbus action
> "org.debian.apt.upgrade-packages" (which is part of aptdaemon) will
> return 'yes' (allow) installation of updated packages if the current
> user is a member of the unix group 'admin'. You (as the first user)
> are a member of this group, other users are not.
>
> I would guess that apt-get does not support policykit/dbus in the same
> way update-manager does.
>
>> What is it that allows
>> update-manager to do that but not a virus or other malware? You may
>> already have answered that question above.
>>
>
> I don't know enough about dbus/policykit to answer that.

OK, many thanks for the info. One lives and learns.

Colin

--
gplus.to/clanlaw

09-15-2011, 06:31 PM
Ioannis Vranos

update-manager not asking for authentication in Oneiric Beta

Hm, I do not know much about PAM, however if the first user is
registered as admin (root), I think it is a bad idea, as it is a bad
idea to use your root account, for non-administrative use.



--
Ioannis Vranos

http://www.cpp-software.net

09-15-2011, 06:33 PM
Ioannis Vranos

update-manager not asking for authentication in Oneiric Beta

Correction:

On Thu, Sep 15, 2011 at 9:31 PM, Ioannis Vranos
<ioannis.vranos@gmail.com> wrote:
> Hm, I do not know much about

PolicyKit,

> however if the first user is
> registered as admin (root), I think it is a bad idea, as it is a bad
> idea to use your root account, for non-administrative use.





--
Ioannis Vranos

http://www.cpp-software.net

09-15-2011, 09:44 PM
NoOp

update-manager not asking for authentication in Oneiric Beta

On 09/15/2011 01:47 AM, Colin Law wrote:
> I would be interested in comments on this bug ([Oneiric]
> update-manager installs packages without authentication)
> https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/814331
>
> To summarise, in Oneiric Beta when an administrator user installs
> upgrades he/she is not asked to authenticate. The bug is marked as
> won't fix even though it is (as far as I can see) a change from
> previous operation.
>
> I am interested in this from two points of view
>
> 1. Should update manager ask for authentication?
>
> 2. I thought that one of the principles of Linux that makes it much
> less open to attack is that one cannot write to system areas of disk
> without authentication. How is it then that update manager is able to
> do this (whether by accident or design) without authentication?
>
> Colin
>

I prefer UM asking for the password each time. That said, this seems to
be more like when someone has enabled UM to automatically install secure
updates (another 'feature' I don't necessarily agree with for various
reasons).




09-15-2011, 10:17 PM
Alan Pope

update-manager not asking for authentication in Oneiric Beta

On 15 September 2011 19:31, Ioannis Vranos <ioannis.vranos@gmail.com> wrote:
> Hm, I do not know much about PAM, however if the first user is
> registered as admin (root), I think it is a bad idea, as it is a bad
> idea to use your root account, for non-administrative use.
>

I meant the first non-root user. The first user created during the
installer is an admin, but not 'root'.

Cheers,
Al.

09-15-2011, 10:27 PM
Koh Choon Lin

update-manager not asking for authentication in Oneiric Beta

> To summarise, in Oneiric Beta when an administrator user installs
> upgrades he/she is not asked to authenticate. The bug is marked as
> won't fix even though it is (as far as I can see) a change from
> previous operation.

In my lab of 20 computers running Beta 1, around 80% of the upgrades
done so far require no password while the remaining 20% do. All
users were Admin accounts and the 20 PCs were upgraded using the
update manager. Is anyone else facing this too?



--
Regards
Koh Choon Lin

09-15-2011, 11:46 PM
NoOp

update-manager not asking for authentication in Oneiric Beta

On 09/15/2011 03:17 PM, Alan Pope wrote:
> On 15 September 2011 19:31, Ioannis Vranos <ioannis.vranos@gmail.com> wrote:
>> Hm, I do not know much about PAM, however if the first user is
>> registered as admin (root), I think it is a bad idea, as it is a bad
>> idea to use your root account, for non-administrative use.
>>
>
> I meant the first non-root user. The first user created during the
> installer is an admin, but not 'root'.
>
> Cheers,
> Al.
>

Perhaps we all should take security a little more seriously:

http://www.informationweek.com/news/security/attacks/231601225

http://www.zdnet.com/blog/open-source/some-linux-foundation-crack-attack-details-emerge/9535

http://www.linuxfoundation.org/



All times are GMT.