Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Skype on Hardened Gentoo
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Multimedia
View previous topic :: View next topic  
Author Message
Chaser Andrey
n00b
n00b


Joined: 07 Nov 2010
Posts: 14

PostPosted: Fri Sep 13, 2013 6:28 am    Post subject: Skype on Hardened Gentoo Reply with quote

Skype is blocked from being installed on hardened profiles.

Code:

The following mask changes are necessary to proceed:
#required by skype (argument)
# /usr/portage/profiles/hardened/linux/package.mask:
# Can't be used on hardened. See upstream,
# http://developer.skype.com/jira/browse/SCL-616
>=net-im/skype-2.2.0.35-r1


But URL http://developer.skype.com/jira/browse/SCL-616 is not valid (anyway, I don't know how to get access in Skype's JIRA).

What the reasons of masking? Are new versions of Skype workable?
Back to top
View user's profile Send private message
eccerr0r
Advocate
Advocate


Joined: 01 Jul 2004
Posts: 3894
Location: USA

PostPosted: Fri Sep 13, 2013 5:37 pm    Post subject: Reply with quote

As a binary package, likely it contains some code that makes security hardened setups flag the software as insecure. It might well truly be insecure, but with a binary package, patching it is much more difficult.

I can see that even for pax hardened systems a binary hack is needed to run it (according to the ebuilds). So likely is the above...

You could try removing the mask and seeing if it works... I would assume it would dump out a lot of security violations.
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed to be advocating?
Back to top
View user's profile Send private message
Chaser Andrey
n00b
n00b


Joined: 07 Nov 2010
Posts: 14

PostPosted: Fri Sep 13, 2013 5:49 pm    Post subject: Reply with quote

I always think that Skype is blackbox with backdoors inside, so I planned to run it in Grsecurity sandbox inside LXC-container. Is it good idea? Or better to run it in small virtual machine with X-forwarding?
Back to top
View user's profile Send private message
Naib
Advocate
Advocate


Joined: 21 May 2004
Posts: 4110
Location: Removed by Neddy

PostPosted: Fri Sep 20, 2013 12:42 pm    Post subject: Reply with quote

Skype itself is a security vulnerability and not only from the snooping.
_________________
A free press is the unsleeping guardian of every other right that free men prize; it is the most dangerous foe of tyranny. Where men have the habit of liberty, the Press will continue to be the vigilant guardian of the rights of the ordinary citizen.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Multimedia All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum