Ubuntu Privacy Remix

Are you going to update UPR because of the security issue in sudo?

Asked by Josh Myers

USN-722-1: "sudo did not correctly handle certain privilege changes when handling groups. If a local attacker belonged to a group included in a "RunAs" list in the /etc/sudoers file, that user could gain root privileges."

Are you going to update UPR to fix this issue?

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu Privacy Remix Edit question
Assignee:
No assignee Edit question
Solved by:
Mark Preetorius
Solved:
Last query:
Last reply:
Revision history for this message
Best Mark Preetorius (p-launchpad-privacy-cd-org) said : 		#1

Of course all security-updates of this - and all other - packages will be installed in the next release of "Ubuntu Privacy Remix". But there is no necessity for an immediate processing, because the problem in USN-722-1 does not directly affect the security of UPR.

Different user privileges are - so far - not part of the UPR-security-concept. As UPR is a live-cd, the standard behavior is, that the live-session-user (ubuntu) can run any command via sudo without being prompted for a password. Thus a security hole in sudo does not worsen the situation.

The sense of not giving root-privileges to normal users is to prevent them from making global changes to the system. In UPR enduring changes to the system - like installing a rootkit or a keylogger - are impossible, because it is a read-only-system, runing from a cd. After rebooting all changes are lost.

Even installing (e.g.) a living-in-RAM-only-rootkit just for the running session should be very difficult for an attacker - and fairly useless.

Difficult, because the system itself is clean, and any malware would have to be imported into a running UPR-Session from the outside-world. For this neither networks nor compromised local harddrives can be used by the attacker, because the kernel ignores this hardware. All removable devices, with which the malware could be imported accidentally by the user himself, are mounted non-executable, so malicious software can not be executed from here.

Useless, because even if the attacker would be able to install some snoopy software - what could it do? As you have neither networks nor local harddrives, where could this malware store the stolen data? Only on removable media - but as you normally should not have much more than your Truecrypt-containerfile on them, this should be relatively easy to controll by the user.
And the next reboot will kill the malware before it could do any harm to your privacy.

UPR is not absolutely bulletproof, but the most serious threats come from the outside and are far away from being standard-attacks, e.g. "virtual machine based rootkits".

Revision history for this message
Josh Myers (mm1205932) said : 		#2

Thanks Mark Preetorius, that solved my question.