Browse as user "Spot"

Browsers, email, chat, etc.
Message
Author
User avatar
L18L
Posts: 3479
Joined: Sat 19 Jun 2010, 18:56
Location: www.eussenheim.de/

#46 Post by L18L »

nooby wrote:...keep them also for root...
No, root may and can do everything inclusive viewing of pictures of all users

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#47 Post by nooby »

L18L refer to these exchanges
http://murga-linux.com/puppy/viewtopic. ... 665#515665

Sorry I am always confusing
I use Google Search on Puppy Forum
not an ideal solution though

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#48 Post by nooby »

But I did try to follow what rcrsn51 wrote but maybe something in my set up here made it to fail or some space in teh code whatever. the bsafe never got created.

I can start with spot again though.

okay about root I still ahve the problem that my body will not be able to refrain from starting browser as root. it don't ask my persmission it just go doing it and then later I realize that hours ahs gone by as root
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#49 Post by rcrsn51 »

nooby wrote:But if it is vulnerable to attack then what is the usage? I mean that was why we wanted to be spot in the first place :) To get away from such vulner things
Again, this is the crucial issue. There is nothing magic about the user spot. If you let a piece of malware into your system (like a script off a web page) that wants to delete or alter your files, it doesn't matter who you are logged in as. It can change any file that it has permission to do so. If it is running as spot (or any other unprivileged user) it can delete ANY file belonging to that user. But it cannot change your system files or start a malicious process like a bot. (This presumes that the malware didn't gain privilege elevation through some other method.)

But if you are running your browser as root, the malware can attack any file owned by root - which is all of them!

Consider what happens in Windows. If you are like many people and routinely login as the admin user, then a malicious script has full rights to your file system. That's how it inserts itself into the Windows registry and numerous other spots.

Personally, I have come to accept bugman's view of Internet security. The single most important thing you can do is control web page scripting.

What is a mystery to me is why Firefox's implementation of Javascript is still so vulnerable to exploits. Does anyone have a explanation for this?

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#50 Post by nooby »

I would love to migrate to using spot as often as possible but latest failure makes me have severe headache :) Wow it was much more difficult than I thought.

What about the advice to just drag default browser icon to spot? and then it is owned by spot or something? maybe that is the easiest if I find the right icon that is. is it the one named Browse on the Desktop?

so I create a dir on mnt/home and go into permissions and tell it to be powned by spot? I change password for spot and for root too and then it should just work?

okay I need to move the .mozilla dir to spot too.
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Luluc
Posts: 200
Joined: Wed 16 Mar 2011, 07:10

#51 Post by Luluc »

nooby wrote:I would love to migrate to using spot as often as possible but latest failure makes me have severe headache :) Wow it was much more difficult than I thought.

What about the advice to just drag default browser icon to spot? and then it is owned by spot or something? maybe that is the easiest if I find the right icon that is. is it the one named Browse on the Desktop?

so I create a dir on mnt/home and go into permissions and tell it to be powned by spot? I change password for spot and for root too and then it should just work?

okay I need to move the .mozilla dir to spot too.
Hi, nooby. Open this file with any file editor:

/usr/local/bin/defaultbrowser

It should contain this:

Code: Select all

exec firefox "$@"
Change it to this:

Code: Select all

exec su spot -c firefox "$@"
All your problems are solved.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#52 Post by nooby »

Luluc thanks for wanting to sort things out but ...

Yes but the code from rcrsn that I used in rxvt deleted user spot and created a new one and then I due to ADHD deleted that dir at mnt/home so I need to know how to recreate that again and move teh .mozilla dir to that one and it should be owned by spot and have the right permission and so on.

in what order should I do all of that then?
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#53 Post by rcrsn51 »

@nooby: This is far too confusing. I would suggest that you leave this issue for now and come back tomorrow when clearer heads may prevail.

I would also suggest that you set up a test install with a fresh pupsave file.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#54 Post by nooby »

For your sake I could but how can I get teh firefox preferences over to that one then?

no need to wait to tomorrow here there are 4 more hours to go to bed :)
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Luluc
Posts: 200
Joined: Wed 16 Mar 2011, 07:10

#55 Post by Luluc »

nooby wrote:Luluc thanks for wanting to sort things out but ...

Yes but the code from rcrsn that I used in rxvt deleted user spot and created a new one and then I due to ADHD deleted that dir at mnt/home so I need to know how to recreate that again and move teh .mozilla dir to that one and it should be owned by spot and have the right permission and so on.

in what order should I do all of that then?
You deleted /mnt/home/spot? After you had moved .mozilla from /root to /mnt/home/spot? So, do you still have .mozilla anywhere? I am afraid you may have deleted all copies of it.
rcrsn51 wrote:@nooby: This is far too confusing. I would suggest that you leave this issue for now and come back tomorrow when clearer heads may prevail.

I would also suggest that you set up a test install with a fresh pupsave file.
I agree. But it doesn't have to be a completely new pupsave file. It can be any other recent one. I suspect that nooby is doing all this experimentation on expendable copies of her actual pupsave file.

BTW, I'm signing off for today. Can't help anymore.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#56 Post by nooby »

Here is my solution, I did created a new lupu513 subdir based on Snowpu5 and named it snow5spot to know it is prepared to be a spot browser thing.

I used a copy of a backup pupsavefile so what should I do now?
this one have .mozilla on the root and not on mnt/home
I use Google Search on Puppy Forum
not an ideal solution though

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#57 Post by jpeps »

I just noticed this thread, and just looked briefly at the first few posts. Since I use spot with sudo and a designated home directory, I'll briefly weigh in. Running a downloaded copy of Firefox from Spot from a terminal is no problem...it will install new config directories in home. If I run from root, it will use .mozilla in /root.

The underlying principle running with non-root user is that basically you start from scratch setting up apps, unless you want to go through the hassle of changing permissions, etc. It's often just easier to run the apps from root unless you have a specific reason not to. Puppy works great the way it is for most users.

User avatar
Bernie_by_the_Sea
Posts: 328
Joined: Wed 09 Feb 2011, 18:14

#58 Post by Bernie_by_the_Sea »

Javascripts have a number of inherent limitations in them to prevent them from doing malicious things to a network, so at best it can snoop around, issue commands to anything that's not password protected and has a web interface (Assuming it can identify it), etc. Having a rogue Javascript operating in your browser environment is nothing to lose sleep over.
Javascript has been around for over a decade now, and is almost universally enabled by web users. There's a reason why Javascript exploits are almost never attempted: they're not only screamingly obvious and leave a nasty paper trail, but their scope is extremely limited and their chances of finding a successful target quite low. There are any number of better, safer ways to attack a person with absolutely no security sense.
Does only accessing the internet on a user account help protect against this?

Well it's a good idea for a lot of other reasons, but no. A Javascript has absolutely no direct access to the system it's running on, so it's no less secure if you're running as root.
Emphasis added. Above quotes from:
http://anti-state.com/forum/index.php?b ... adid=17522

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#59 Post by rcrsn51 »

That page is dated 2006. A lot of things have changed since then. So if Javascript isn't the culprit, then what content on a web page is capable of changing the Windows registry?

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#60 Post by rcrsn51 »

@nooby: The technique of creating a new unprivileged user whose home directory is in /mnt/home won't work for you. It requires that /mnt/home be formatted with a Linux filesystem like ext. You don't have this.

Also, trying to symlink spot's .mozilla profile into /mnt/home won't work either. Spot doesn't have write permission there.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#61 Post by nooby »

Thanks that explains it then.

I could still run FF as spot though but Spot will be a sub to root? an anything saved that I want to be outside of mnt/home I have to go there as root and move out of spot?

It would still add to security from injection code?
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#62 Post by rcrsn51 »

nooby wrote:I could still run FF as spot though but Spot will be a sub to root?
Correct. If you check the properties of the folder /root/spot, you will see that it is owned by spot. That's the only place that spot has permission to save files, other than special locations like /tmp.
and anything saved that I want to be outside of mnt/home I have to go there as root and move out of spot?
Correct. If you are running your browser as spot, you cannot automatically download a file to /mnt/home. Spot does not have write permission on that folder.
It would still add to security from injection code?
I'm still not clear on that issue. Firefox is constantly releasing updates to fix various security issues. Since most Linux users are unprivileged, one could conclude that even though you are running the browser unprivileged, you are still vulnerable. Or maybe those updates really only apply to Windows users.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#63 Post by nooby »

Thanks, what about the Chromium and SRWare Iron then those being clones them using sandbox tech would that add security
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Bernie_by_the_Sea
Posts: 328
Joined: Wed 09 Feb 2011, 18:14

#64 Post by Bernie_by_the_Sea »

rcrsn51 wrote:So if Javascript isn't the culprit, then what content on a web page is capable of changing the Windows registry?
Just about any and all content on a web page is potentially capable of changing the Windows registry. Hint: ANY Mozilla, Firefox, Safari, or Opera plugin (that uses NPAPI which means almost all) is a doorway to access the registry.

Keep in mind that to change the Windows registry you must first have a Windows registry to change. Even with Wine, the Windows registry that Wine accesses is not the real registry but rather the one stored in Wine itself. Changes to the registry there affect only apps running in Wine. Have many running Linux in general and Puppy in particular have a Windows registry on their computer? Hint: a drive must be mounted to write to it.

Keep in mind that javascript cannot exceed the browser’s level of security (and this has nothing to do with running as root). The only thing a browser can write to is a cookie. The only thing a browser can communicate with is the server. The only data manipulation a browser can do is to the object model of the web page (used with forms and the like).

Note: To avoid teaching hacker/crackers I give only hints that might be used by defenders against hacker/crackers. Discussing things like web pages modifying the registry is dangerous in itself.

Another hint: Here's a handy plugin that can reach the registry on a computer where there are zero root/administrative rights. https://addons.mozilla.org/en-US/firefo ... n-regedit/

User avatar
01micko
Posts: 8741
Joined: Sat 11 Oct 2008, 13:39
Location: qld
Contact:

#65 Post by 01micko »

OK, here's an experimental version of Browsesafe

It attempts to address some of the things being discussed here, such as other users than spot (an option) and installing config folder outside the savefile (another option). It all takes place at install time with a comprehensive GUI. It takes into account what type of install you have.

Be warned that for success you will probably have to delete any .mozilla files in /root/spot. Also it is experimental. Lots of stuff is going on behind the scenes in that install script so I have tried to be efficient.

Have fun

newer version, fixed bernie's bug and minor ntfs bug, added puninstall script to advise on some manual cleanup
Last edited by 01micko on Mon 25 Apr 2011, 00:54, edited 2 times in total.
Puppy Linux Blog - contact me for access

Post Reply