View previous topic :: View next topic |
Author |
Message |
Chaser Andrey n00b
Joined: 07 Nov 2010 Posts: 16
|
Posted: Fri Sep 13, 2013 6:28 am Post subject: Skype on Hardened Gentoo |
|
|
Skype is blocked from being installed on hardened profiles.
Code: |
The following mask changes are necessary to proceed:
#required by skype (argument)
# /usr/portage/profiles/hardened/linux/package.mask:
# Can't be used on hardened. See upstream,
# http://developer.skype.com/jira/browse/SCL-616
>=net-im/skype-2.2.0.35-r1
|
But URL http://developer.skype.com/jira/browse/SCL-616 is not valid (anyway, I don't know how to get access in Skype's JIRA).
What the reasons of masking? Are new versions of Skype workable? |
|
Back to top |
|
|
eccerr0r Watchman
Joined: 01 Jul 2004 Posts: 9678 Location: almost Mile High in the USA
|
Posted: Fri Sep 13, 2013 5:37 pm Post subject: |
|
|
As a binary package, likely it contains some code that makes security hardened setups flag the software as insecure. It might well truly be insecure, but with a binary package, patching it is much more difficult.
I can see that even for pax hardened systems a binary hack is needed to run it (according to the ebuilds). So likely is the above...
You could try removing the mask and seeing if it works... I would assume it would dump out a lot of security violations. _________________ Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
Back to top |
|
|
Chaser Andrey n00b
Joined: 07 Nov 2010 Posts: 16
|
Posted: Fri Sep 13, 2013 5:49 pm Post subject: |
|
|
I always think that Skype is blackbox with backdoors inside, so I planned to run it in Grsecurity sandbox inside LXC-container. Is it good idea? Or better to run it in small virtual machine with X-forwarding? |
|
Back to top |
|
|
Naib Watchman
Joined: 21 May 2004 Posts: 6051 Location: Removed by Neddy
|
Posted: Fri Sep 20, 2013 12:42 pm Post subject: |
|
|
Skype itself is a security vulnerability and not only from the snooping. _________________
Quote: | Removed by Chiitoo |
|
|
Back to top |
|
|
|