Re: nncp-sudo - John Goerzen

public inbox for nncp-devel@lists.cypherpunks.ru
Atom feed

From: John Goerzen <jgoerzen@complete•org>
To: Sergey Matveev <stargrave@stargrave•org>
Cc: nncp-devel@lists.cypherpunks.ru
Subject: Re: nncp-sudo
Date: Mon, 23 Aug 2021 21:35:08 -0500	[thread overview]
Message-ID: <87v93vpo2r.fsf@complete.org> (raw)
In-Reply-To: <YSFNtQMV7saFKRR9@stargrave.org>

On Sat, Aug 21 2021, Sergey Matveev wrote:

>>- More security risks (think of, for instance, a world-readable 
>>set of
>>files in /var/mail).  Users have access to the secret  keys and 
>>could read
>>each other's incoming packets at the very  least.  Or delete 
>>them, etc.
>
> In that case I think that any kind of "sharing" (via 
> permissions, via
> sudo, whatever) should not be done at all. Possibly only an 
> additional
> via-hop should be shared (with intermediate copy/nncp-xfer to 
> transfer
> files to it).

So that's basically what I'm proposing, just with a different 
mechanism.  One could have each user running an nncp-daemon and 
there could be calls to localhost.  There are some downsides to 
that.  nncp-xfer/copy can be tricky to get the permissions right, 
though could be done.

But here, by authorizing one user to run nncp-daemon as another, 
you don't have to have a long-running nncp-daemon process - it 
gets spun up when needed.  It is effectively the same as listening 
on an open port but without having to be up constantly and so 
forth.

Having said all that, it's still theoretical to me; I have yet to 
actually have a case where it would help.

> Personally I just really do not like sudo. If some nncp-exec 
> target
> should be run under some specific user/rules, then I would 
> probably
> create an additional user, with his own spool and make him 
> available
> through the "via". I really have not met situations where sudo 
> was

I'm doing (nncp-exec calling sudo) for privilege separation 
reasons, but that's it.  It's not using sudo to run as root, but 
to run as me.

- John

next prev parent reply	other threads:[~2021-08-24  2:36 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-08-20  3:42 ANN: Tunnelling NNCP over (ssh, sudo, tor, S3, Nextcloud, syncthing, uucp) John Goerzen
2021-08-20 10:52 ` Sergey Matveev
2021-08-20 12:36   ` John Goerzen
2021-08-21 18:30     ` Sergey Matveev
2021-08-24  2:31       ` John Goerzen
2021-08-24  8:35         ` Frank Doepper
2021-08-24 10:12           ` Sergey Matveev
2021-08-24 10:09         ` Sergey Matveev
2021-08-20 11:11 ` nncp-sudo Sergey Matveev
2021-08-20 12:30   ` nncp-sudo John Goerzen
2021-08-21 19:02     ` nncp-sudo Sergey Matveev
2021-08-24  2:35       ` John Goerzen [this message]
2021-08-25 19:24         ` nncp-sudo Jonathan Lane
2021-08-25 20:31           ` nncp-sudo John Goerzen