From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <alexey.tourbin@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
 sa.local.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM autolearn=ham autolearn_force=no
 version=3.4.1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:references:in-reply-to:from:date:message-id:subject:to;
 bh=SXg3fjPND3+2bCWSnUGQGWrnkCFPLtZLeaYKE7Ogtuo=;
 b=iKmRpaMFxHfz1IryTCJ+rpTxadsCs8jF31K5a4dHQzgkw8N4evZfuYDqRCwfHpv+cM
 XPaR6DPBD3h74YPxGpDxVSIeY08IFY2lZC7w1zKJ5f/9KwKjZ/VUO1YSqhpvmKiB2jAk
 s4kbTmgCEPN2JVjLyFkJ5Oi51g/NG/n+GxKa/03GhS+lzwj8vMFEQGdF/rsvAP4U8xlF
 AJRhf9BcSXxv2Cy+svhsX3IotAeOFLndsrXZomATx4bJXav92oaCHMOdCeMkg23Ozghl
 3OptDIjTnFooGq4Mwslx+RUDW+YLspk24gXFkWgkfXpAr2W+ENl8QYWq+3OhPBITJhH2
 ZfuQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to;
 bh=SXg3fjPND3+2bCWSnUGQGWrnkCFPLtZLeaYKE7Ogtuo=;
 b=nrdc6yVwvu6gXnpntr7CjRpEuIav8LWsAyd/n+yxIfjBmANHHg0nUEi4vmUtOSpNtM
 nqogtoCRHJwm3KDymvQ6wX7PWcFNa9aY87ybSX02QvmR49ugqhj0D55eB91493Rks6vr
 kkDSHZe1TNCtFcHR+egu3EW87s4wjV7LczjkB9p/yxStMG9mUo/hWyzlKAsoL8PM9DON
 oWG6XSkh9Bo2bTReq+pYfVQK85lyO4572LW3p5VDDw8mE/8eaoTWyF5O1OG12mxhq+eG
 zANWHheaz74EynYMQCg3/nMPqbj3qH9vdx5s33j5yuhRWwoA1cZ9us7JLDRKFozlRWJs
 ysoA==
X-Gm-Message-State: APjAAAXpXzC+nQn6sPg3mfIVGwyWp2tlgQRhY6fptIlu4puylornYowy
 TE5pzkgezhJ3WByN+uBt5pQvEgeP8hTi44a+LtHupw==
X-Google-Smtp-Source: APXvYqzvg/+p0snIlvQGMm/ql+wprcJVegNBMkh0U1ziYZIlF6/bHLZ7MkqB1Y0TVnybcfrvDEETT6jrD/syKXl5XCs=
X-Received: by 2002:a5d:959a:: with SMTP id a26mr14812176ioo.255.1576399824556; 
 Sun, 15 Dec 2019 00:50:24 -0800 (PST)
MIME-Version: 1.0
References: <cover.1576183643.git.legion@altlinux.org>
In-Reply-To: <cover.1576183643.git.legion@altlinux.org>
From: Alexey Tourbin <alexey.tourbin@gmail.com>
Date: Sun, 15 Dec 2019 11:50:13 +0300
Message-ID: <CA+qzennvG7s_EJCi_ZXYuzK2Yf-nxb1SmchsbUyz44c+ffrmww@mail.gmail.com>
To: ALT Linux Team development discussions <devel@lists.altlinux.org>
Content-Type: text/plain; charset="UTF-8"
Subject: Re: [devel] [PATCH hasher-priv v1 0/3] Make a daemon from the
	hasher-priv
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux Team development discussions <devel@lists.altlinux.org>
List-Id: ALT Linux Team development discussions <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Dec 2019 08:50:27 -0000
Archived-At: <http://lore.altlinux.org/devel/CA+qzennvG7s_EJCi_ZXYuzK2Yf-nxb1SmchsbUyz44c+ffrmww@mail.gmail.com/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>

On Fri, Dec 13, 2019 at 2:42 PM Alex Gladkov <legion@altlinux.ru> wrote:
> The hasher-priv is a SUID utility. This is not good. Separation of the
> server and client parts will allow us to remove SUID flag.

Removing the SUID flag shouldn't be an end in itself. You're still
running a process with root privileges which serves user requests.
It's the same, except that instead of the SUID flag, the process just
starts as root.  So you are not improving privilege separation or
something, you are only limiting the ability of the user to tamper
with the SUID binary. And tampering with the binary should be
pointless anyway (unless glibc is faulty and permits arbitrary code
injection, etc.).