
Re: [Full-Disclosure] Cronning Update Jobs <- really a bad idea in Portage

Hi there,

On Sun, 28.03.2004 at 17:24, Nico Golde wrote:
> Hello Luke,
> * Luke Norman <luke@xxxxxxxxxxxxxxxxxx> [2004-03-27 17:28]:
> [...] 
> > My question is this - are there any security risks to adding this 
> > command to a cron job, and having it execute say, once every 12 hours. 
> > Any and all input appreciated
> is it a risk if you do it manually? see? ;-)
> regards nico

There's always the issue of integrity checking. Using automatic updates
in conjunction with AIDE or Tripwire is pointless. It ruins the database
and makes it very hard to spot unwanted changes each time an automatic
update is done.

One more problem is the compile times. Since Gentoo emerges everything
(well, most things, 99%) from source and compiles it, this leaves your
machine at random times (whenever the cron job runs) very vulnerable to
denial of service issues since the CPU will be VERY busy compiling. If
you don't know in advance which stuff it emerges (this could be much or
nothing at all) this is a pretty risky thing. You might want to plan
emerging bigger ebuilds as opposed to just running a cron job, to avoid
unwanted downtime due to compiler activity.

Then there's the problem of configuration file swaps. Portage won't
overwrite a config file, but when the machine is rebooted or a service
restarts, the newer version of a service might expect the newer config
file and stop working properly. You'll have to monitor configuration
updates yourself, so there's no point in handling updates automatically.

Automatic updating in Gentoo on machines providing external services is
also a stupid idea since Portage does a lot of version bumps and this
will ruin a perfectly stable box most of the time. What if the newer
version doesn't work in your setup but emerged without problems? If you
don't monitor the automatic emerging activities regularly you won't even
be able to tell with certainty what the cause for the problem is.

I'd even go further. Running external services on a Gentoo box is
probably not recommended at all. General security and bug handling
hasn't yet reached a level acceptable for server use, in my opinion. But
opinions and risk willingness differ.

Tobias W.

   ____  _____
  |  _ \| ____| Tobias Weisserth
  | | | |  _|   tobias@weisserth.[de|com|net|org]
 _| |_| | |___  http://www.weisserth.org
Encrypted mail is welcome.
Key and fingerprint: http://imprint.weisserth.org


Attachment: signature.asc
Description: This is a digitally signed message part
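The post's alternative to an unattended `emerge` from cron is to have the administrator look at what an update would do and at the protected config files Portage leaves unmerged. The script below is an added example, not code from the original thread or from the Portage project: a report-only helper that counts pending version bumps in `emerge -p` output and pending `._cfg####_<name>` files under a config root, and exits non-zero when either is present. It assumes Portage's `[ebuild  U ]` pretend-output column format and its CONFIG_PROTECT naming convention; the emerge output and the directory tree it checks are constructed samples, so it runs without a Gentoo box.

```shell
#!/bin/sh
# Added example, not from the original post or from Portage itself.
# Report-only cron helper: says what an automatic emerge WOULD do and which
# protected config files are still unmerged, and leaves the decision to the admin.
# Assumptions: Portage's "[ebuild     U ]" pretend-output format and the
# CONFIG_PROTECT convention of writing ._cfg0000_<name> next to the live file.

# Constructed sample of `emerge -pv --update --deep world` output; package
# names and versions are made up and were not captured from any machine.
SAMPLE_EMERGE_OUTPUT='These are the packages that would be merged, in order:

Calculating world dependencies... done!
[ebuild     U ] net-misc/openssh-1.2.3 [1.2.2]
[ebuild     U ] sys-libs/glibc-2.3.4 [2.3.3]
[ebuild  N    ] dev-libs/expat-1.95.7
[ebuild   R   ] sys-apps/portage-2.0.50

Total size of downloads: 12,345 kB'

# Count pending version bumps: lines whose flag field holds U (update).
# Reads pretend output on stdin and prints the count (0 when there are none;
# grep -c exits 1 on no match, hence the "|| true").
count_updates() {
    grep -c '^\[ebuild *U' || true
}

# Count config files Portage refused to overwrite.  Under CONFIG_PROTECT the new
# version is written as ._cfg####_<name> beside the live file and stays there
# until etc-update or dispatch-conf merges it.  Prints the count for one root.
count_pending_configs() {
    find "$1" -type f -name '._cfg????_*' | wc -l | tr -d ' '
}

# Build a short report from pretend output (stdin) and a config root (arg 1).
# Returns 1 when something needs attention, so a cron line such as
#   emerge -pv --update --deep world | report /etc || mail -s "updates waiting" root
# only bothers the admin when there is work to review.
report() {
    updates=$(count_updates)
    configs=$(count_pending_configs "$1")
    echo "pending version bumps: $updates"
    echo "unmerged protected configs under $1: $configs"
    [ "$updates" -eq 0 ] && [ "$configs" -eq 0 ]
}

# Constructed demonstration tree: two live files, one of them with a pending
# ._cfg copy that an unattended emerge would have left behind.
make_demo_tree() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/ssh"
    : > "$tmp/ssh/sshd_config"
    : > "$tmp/ssh/._cfg0000_sshd_config"
    : > "$tmp/hosts"
    echo "$tmp"
}

# Count the pending config in the constructed tree (expected: 1).
demo_pending_configs() {
    tree=$(make_demo_tree)
    count_pending_configs "$tree"
    rm -rf "$tree"
}

# Full report over the constructed sample and tree; returns 1 because both
# the update list and the config tree contain pending work.
demo_report() {
    tree=$(make_demo_tree)
    status=0
    printf '%s\n' "$SAMPLE_EMERGE_OUTPUT" | report "$tree" || status=$?
    rm -rf "$tree"
    return "$status"
}

# Stand-alone run: print the report for the constructed inputs.
demo_report || echo "action needed: review the updates and merge the configs"
```

On a real machine the two interesting inputs are `emerge -pv --update --deep world` on stdin and `/etc` as the config root; the script never runs `emerge` itself, which is the whole point of the post.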