Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Skype on Hardened Gentoo
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Multimedia
View previous topic :: View next topic  
Author Message
Chaser Andrey
n00b
n00b


Joined: 07 Nov 2010
Posts: 16
PostPosted: Fri Sep 13, 2013 6:28 am    Post subject: Skype on Hardened Gentoo Reply with quote
Skype is blocked from being installed on hardened profiles.

Code:

The following mask changes are necessary to proceed:
#required by skype (argument)
# /usr/portage/profiles/hardened/linux/package.mask:
# Can't be used on hardened. See upstream,
# http://developer.skype.com/jira/browse/SCL-616
>=net-im/skype-2.2.0.35-r1


But URL http://developer.skype.com/jira/browse/SCL-616 is not valid (anyway, I don't know how to get access in Skype's JIRA).

What the reasons of masking? Are new versions of Skype workable?
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 9675
Location: almost Mile High in the USA
PostPosted: Fri Sep 13, 2013 5:37 pm    Post subject: Reply with quote
As a binary package, likely it contains some code that makes security hardened setups flag the software as insecure. It might well truly be insecure, but with a binary package, patching it is much more difficult.

I can see that even for pax hardened systems a binary hack is needed to run it (according to the ebuilds). So likely is the above...

You could try removing the mask and seeing if it works... I would assume it would dump out a lot of security violations.
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Chaser Andrey
n00b
n00b


Joined: 07 Nov 2010
Posts: 16
PostPosted: Fri Sep 13, 2013 5:49 pm    Post subject: Reply with quote
I always think that Skype is blackbox with backdoors inside, so I planned to run it in Grsecurity sandbox inside LXC-container. Is it good idea? Or better to run it in small virtual machine with X-forwarding?
Back to top
View user's profile Send private message
Naib
Watchman
Watchman


Joined: 21 May 2004
Posts: 6051
Location: Removed by Neddy
PostPosted: Fri Sep 20, 2013 12:42 pm    Post subject: Reply with quote
Skype itself is a security vulnerability and not only from the snooping.
_________________
Quote:
Removed by Chiitoo
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Multimedia All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy