*** Michael Tokarev <mjt@private> [Monday, 26.August.2002, 22:08 +0400]: > There is another directory, bases/, where all av bases > (*.vdb files for drwebd - virus signatures) are keept. > This directory should be readable by drwebd - obviously - > so that daemon can read it's data. But it should NOT > be *writable* by daemon: if by any chance an attacker > will have control over drweb daemon (a complex piece > of software, closed source, yadda-yadda), he should NOT > be able to mess with those. For now, directory bases/ > and all files within is owned by root:root. Just my 0.02$ looks for me that a mistake in assumption made above has 'created' this rather complicated problem while in fact it does not exist :) Why? Because those files (bases/) are for drwebd. Assuming that someone has control over drwebd means that he can do whatever he wants. read: can disable AV checks regardless bases/ files are good or wrong. in other words: after drwebd compromise, bases/ files have lost their value, so protecing them has no sense. So this all solutions do not prevent attacker from his objectives (after succesful drwebd compromise). This is based on my assumption (maybe wrong?) that bases/ files are only used for drwebd. Anyway (maybe i'm wrong with sth else), solution with two separate connections is what i like. -- radoslaw.stachowiak.........................................http://alter.pl/
This archive was generated by hypermail 2.1.3 : Sun Jan 15 2006 - 13:43:16 PST