Create a Safe daemon against malicious scrips

Bug #497445 reported by dentaku65
260
This bug affects 1 person
Affects Status Importance Assigned to Milestone
One Hundred Papercuts
Invalid
Undecided
Unassigned
Ubuntu
Invalid
Wishlist
Unassigned

Bug Description

Due to this serious report
http://ubuntuforums.org/showthread.php?t=1349678
that show the possibility to compromise the system; I suggest to create a sort of safe daemon that check the system against a list of malicious commands (es. sudo rm -fR / or sudo rm -fR $HOME) and their script variables (ruby, perl, etc..).
This is a very dangerous situation because from the report I can install a screensaver from gnome-look.org and compromise my system; as soon as the variety of "external" software repository will grow (es. gnome-look, kde-look, android market and, perhaps, Ubuntu software center) as well as the linux/ubuntu users, the risk to be attacked will be very high.

To limit the possibility of malaware and/or malicious commands on the system I suggest to create a Safe daemon.

dentaku65 (dentaku65)
visibility: private → public
Revision history for this message
Vish (vish) wrote :

Thank you for bringing this bug to our attention. However, a paper cut should be a small usability issue, in the default Ubuntu install, that affects many people and is quick and easy to fix. So this bug can't be addressed as part of this project.

- Though this needs to be addressed , Writing a new daemon is not a papercut task.
For further information about papercuts criteria, please read https://wiki.ubuntu.com/PaperCut.

Don't worry though, this bug has been marked as "Invalid" only in the papercuts project.

Changed in hundredpapercuts:
status: New → Invalid
Revision history for this message
Jonathan Thomas (echidnaman) wrote :

This isn't really feasible, and any attempt would be easy to bypass by malicious scripts.

Changed in ubuntu:
importance: Undecided → Wishlist
status: New → Invalid
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.