Monday, February 14, 2005

Tools & Traps…Do Not Run Configure or Make as Root

This is specially to my people who are Sys admin and who have a bad habbit which i too had compile programs while logged in as root.

Here is an example of how a smart hacker used this to exploit systems :

You may have noticed that the process shown for compiling Nessus doesnt run either configure or make as the root user. An important concept in security is the principle of Least Privilege, which dictates that you give any program (or user) only what privilege it actually requires to do its task. This decreases the damage that a hostile or compromised program (or user) can do.
As is the case when compiling most UNIX programs, these two compilation commands dont require root privilege to runthey simply compile the software. Only the make install step actually requires root privilege, as it needs to install software outside of the users home directory. We use su, the UNIX switch-user command, to use root privilege only when necessary.

This might seem like an academic point, but it was vitally important when an attacker compromised a major distribution server for the massively popular tool tcpdump. The attacker didnt actually Trojan the tcpdump code; instead, he modified the configure script. The configure script installed a Trojan, which sent a shell back to the attacker whenever an administrator compiled the code on a system. Administrators who ran the configure script as root gave the attacker root access on their system, while every other administrator only gave the attacker access as a normal user. You can read more about this incident at:

Its also worth noting that users who check PGP signatures of any software, source or otherwise that they download seldom are caught by Trojaned software.

So they idea is to alwayz do make install as root.



Post a Comment

<< Home