Re: [Tails-dev] /usr/local/sbin/htpdate suggestion

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: The Tails public development discussion list
Betreff: Re: [Tails-dev] /usr/local/sbin/htpdate suggestion
Hi,

adrelanos wrote (09 Oct 2012 23:17:53 GMT) :
> Reasons:
> - Most scripts hardcode the paths.


I'm not sure where you got your numbers,
and anyway I fail to see why this is a valid reason.
We're not discussing anonymity sets here :)

> - It's safer, since /usr/local/sbin/htpdate starts curl as root.


If Tails runs htpdate as root in an environment where /usr/local/sbin/
can be written to by an attacker, then we have quite bigger problems,
and I doubt hardcoding paths will be very useful.

Does Tails do that?

> - If you ever add a curl uwt wrapper, you will still want to use
> /usr/bin/curl directly, since you are using --socks5-hostname there.


I hope we don't ever get there.
If we do, then we will have to reconsider this, sure!

Any other reason to do this change?

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc