Re: [Chicken-users] Re: chicken-install should use sudo -v

chicken-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-users] Re: chicken-install should use sudo -v

From:	Ivan Raikov
Subject:	Re: [Chicken-users] Re: chicken-install should use sudo -v
Date:	Wed, 07 Oct 2009 10:59:36 +0900
User-agent:	Gnus/5.11 (Gnus v5.11) Emacs/22.3 (gnu/linux)

   I agree that chicken-install should not use sudo. The implicit
invocation of sudo violates the principle of least astonishment, and
presents a potential risk for users who do not understand the security
implications of this approach. 

  I opposed the inclusion of the sudo mis-feature in chicken-setup, but
it nevertheless got included into chicken-install without much
discussion on the mailing list. When in sudo mode, chicken-install tries
to minimize sudo invocations by only calling it for filesystem
operations, such as cp and mv, but this results in the possibility of
command spoofing on systems where sudo has not been built with the
SECURE_PATH option. Some Linux distributions, such as Debian, have sudo
built with reasonably secure defaults, but there is no way to guarantee
this for all systems on which chicken-install is run. The sudo mode is
bad idea, has no precedent in similar systems, such as PLT Scheme and
Hackage, and should not be used.

  -Ivan

Aleksej Saushev <address@hidden> writes:

>   Hello!
>
> John Cowan <address@hidden> writes:
>
>> Currently when you install an egg with many dependencies using the -s
>> (sudo) switch, you have to wait to enter your password until the first
>> time chicken-install invokes sudo.  If, on detecting the -s switch,
>> chicken-install immediately ran "sudo -v", the password would be requested
>> at the top.  This variant of sudo does not run any command.
>>
>> Older sudo's that don't understand -v will just report an error, and no
>> harm done.
>
> No, chicken ought not to use sudo, which is non-standard and unavailable
> on all non-gnu platforms, unless you install it. And there're many users
> around who don't use sudo at all since PAM provides enough functionality.
> I don't know about corresponding BSDauth solution, but I'm almost sure
> there's one.
>
> If you can provide plan with single authentication point and installing
> all built packages at once, that would be nice. Otherwise, just don't
> enforce sudo.
>
> As for me, I don't think that giving sudo privileges to chicken-install
> is good idea, since it may do too much under the hood and you're not
> even warned by password prompt.

[Prev in Thread]

Current Thread

[Next in Thread]

[Chicken-users] chicken-install should use sudo -v, John Cowan, 2009/10/01
- [Chicken-users] Re: chicken-install should use sudo -v, Aleksej Saushev, 2009/10/06
  - Re: [Chicken-users] Re: chicken-install should use sudo -v, John Cowan, 2009/10/06
  - Re: [Chicken-users] Re: chicken-install should use sudo -v, Ivan Raikov <=
    - Re: [Chicken-users] Re: chicken-install should use sudo -v, Jim Ursetto, 2009/10/07
    - Re: [Chicken-users] Re: chicken-install should use sudo -v, John Cowan, 2009/10/07
    - Re: [Chicken-users] Re: chicken-install should use sudo -v, address@hidden, 2009/10/07
- Re: [Chicken-users] chicken-install should use sudo -v, Jim Ursetto, 2009/10/07

Prev by Date: Re: [Chicken-users] Re: chicken-install should use sudo -v
Next by Date: Re: [Chicken-users] Re: chicken-install should use sudo -v
Previous by thread: Re: [Chicken-users] Re: chicken-install should use sudo -v
Next by thread: Re: [Chicken-users] Re: chicken-install should use sudo -v
Index(es):
- Date
- Thread