Does "security-hole" apply to puppy? (Solved)

For discussions about security.
Post Reply
Message
Author
nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

Does "security-hole" apply to puppy? (Solved)

#1 Post by nooby »

I fail to get the text.

It says that the following linux kernels are safe while the older ones are wide open for exploit.

2.6.32.19
2.6.34.4
2.6.35.2
and the coming one
2.6.36

the version of quirky me use have use this cli code in console terminal
# uname -r
2.6.33.2
#
not even mentioned so does that place it among the not secure ones?

Read all about it here
http://theinvisiblethings.blogspot.com/ ... loset.html
Last edited by nooby on Thu 26 Aug 2010, 20:09, edited 1 time in total.
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#2 Post by Pizzasgood »

I think so, since that kernel is older than August 13 2010, which is when the fix was introduced to Linus's tree.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
SirDuncan
Posts: 829
Joined: Sat 09 Dec 2006, 20:35
Location: Ohio, USA
Contact:

#3 Post by SirDuncan »

Technically it does, as Pizzasgood as said. It doesn't make a huge difference though. A privilege escalation attack is pointless in Puppy. The whole point is to trick the OS into running the code as root, but Puppy is already doing that without being tricked. Puppy runs (nearly) everything as root.
Be brave that God may help thee, speak the truth even if it leads to death, and safeguard the helpless. - A knight's oath

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#4 Post by nooby »

Thanks guys, but then how does one protect oneself from that exploit then?
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Iguleder
Posts: 2026
Joined: Tue 11 Aug 2009, 09:36
Location: Israel, somewhere in the beautiful desert
Contact:

#5 Post by Iguleder »

Don't use Puppy or don't use root :)
[url=http://dimakrasner.com/]My homepage[/url]
[url=https://github.com/dimkr]My GitHub profile[/url]

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#6 Post by nooby »

Hahah, very true but not so helpful for us who still want to use Puppy but are root because we fail to find it practical to set up user in Puppy.

Yes I know there are threads describing how to but very few seems to use puppy that way.

So what should we do then?

Edit. I mean there has to me more options than those you suggested.

One could maybe monitor entries via the log of the Router?

Setting up rules for outside entries and a lot of other things.

Some use DVD and only save in multisession and some burn their best version of puppy set up as a new iso and then use that one as their current puppy on DVD and they use it read only and so on.

there are more options than either use puppy as is or to set up user or not use it puppy all.

you maybe teased me a bit? I trust that for those who know things there are at least a handful options apart from those you did mention
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#7 Post by Pizzasgood »

Very good point SirDuncan.

Nooby, like SirDuncan said, there isn't much point in worrying about this particular security hole in Puppy. What it does is make it possible for people who are not root to become root - which generally isn't necessary in Puppy.

This isn't a vulnerability that helps people get into your computer. They would have to already be in it for this to mean anything. And in the vast majority of Puppy computers, anybody who gets in will already be root, without having to use this exploit.

If we were talking about a more server-oriented distro (or a version of Puppy that had been hardened somewhat for use as a server box), then this vulnerability would be a concern. When you run servers, you normally run them as users other than root, so that if anybody exploits a bug in the server to get into your computer, they would only have the limited privileges that the server program had. In those cases, they could try to exploit this vulnerability to increase their privileges to root. Furthermore, if you ran an SSH server to let mostly-untrusted people run programs on your server (such as university servers), those people already have the ability to run code on the machine, so they could try using this vulnerability to elevate themselves to root (at which point they could do various naughty things, like tampering with other people's accounts, modifying their class websites, etc.).

Now, if somebody did happen to be running servers in Puppy that did not run as root, and wanted to secure their system from this vulnerability, they would have several options. One is to simply remove X from their system, if it isn't required. X appears to be the primary attack vector. From what I read it is possible to exploit this in other ways, but X makes it much easier. Another option would be to get the kernel source, apply the patch (adjusting it if necessary for the specific kernel version they want to use - this would be an excellent opportunity to switch to a different kernel or tweak compile options if you had some reason to do so), and then recompile the kernel. The third option is to just use some other distro that has a patched kernel.


Again, this is nothing to worry about for normal desktop users of Puppy. The vulnerability impacts a security mechanism that you aren't even using in the first place. :wink:
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
RetroTechGuy
Posts: 2947
Joined: Tue 15 Dec 2009, 17:20
Location: USA

#8 Post by RetroTechGuy »

Pizzasgood wrote: This isn't a vulnerability that helps people get into your computer. They would have to already be in it for this to mean anything. And in the vast majority of Puppy computers, anybody who gets in will already be root, without having to use this exploit.
That is, the exploit might be useful to someone with an account on your machine (server) that doesn't have physical access to the machine in question (i.e. it's locked up in a room somewhere -- such as many university servers).

For most home desktops, the user will already have physical access to the machine, so there is really nothing that can stop a direct attack (i.e. they could reboot to a live boot CD, or USB and muck with your machine).

I wouldn't worry about it...

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#9 Post by nooby »

Thanks guys. I put solved on this thread. ;:)
I use Google Search on Puppy Forum
not an ideal solution though

Post Reply