[Xastir] Help with permissions

[Rob Noll]

Thanks guys! My concern wasn't with xastir itself, but rather whether that opened a security vulnerability for a virus to say, replace xastir with it's own binary that would then have root.  But as Andrew pointed out, if I don't have internet, a virus probably isn't going to come in on a radio packet :-)
So it sounds like this will serve my purpose. As far as the time jump, xastir runs at boot when my bootup script detects the presence of the tnc, and everything seems to be booting up ok.
Thanks so much!

Rob, WX1N


-------- Original Message --------
From: "Curt, WE7U" <curt.we7u at gmail.com>
Sent: August 15, 2017 5:35:08 PM EDT
To: Xastir - APRS client software discussion <xastir at lists.xastir.org>
Subject: Re: [Xastir] Help with permissions

On Tue, 15 Aug 2017, Rob Noll wrote:

> This setup is located in my pickup and as such does not always have internet
> access.  The Raspberry Pi does not have a real clock, and therefore if it is
> started without internet access, the date and time are incorrect.  This
> results in an invalid timestamp on my packets, which results in them not
> showing on aprs.fi.
>
> It appears I can attempt to solve this in a number of different ways - set
> the SUID bit on the Xastir binary so Xastir can set the system time; set up
> GPS software that will masquerade as an NTP server allowing the Pi to set
> the clock from the GPS itself; run a batch script at startup to manually
> read the GPS and set the system time; configure Xastir to use the "fixed
> station" option so it does not send a time stamp; figure out which command
> Xastir uses to set the time and configure the Pi to allow any user to use
> that command.

Speaking as one of the ones that massaged the code to make SUID safer in Xastir, I'd say you're pretty safe using that. Yes, it does allow Xastir to do things as root, but Xastir will drop to normal user privileges most of the time and then just go to root privileges for a short time to access ports or to do a few special commands.

Also: If you aren't giving wifi access to your Rpi while you're driving around, there's no way for someone to hack in to mess with things, and they can't try to take advantage of SUID root programs that way.

Now if you're driving around with an open Wifi allowing people to connect, you might want to shut that down.

Xastir does a significant time jump using this technique. May cause havoc with other things, may not.

Another option is to run gpsd on the box, connect Xastir to gpsd, and see about running ntp against gpsd. With this scheme you'll get slow transitions in time to keep things in sync. You may have to play with it a bit to make sure it can do faster transitions towards the current time if you're using it mobile: The transitioning might not be fast enough for you. Note: I haven't done this method so there may be some gotcha's in it, but it's worth considering. It allows sharing the GPS with as many devices as want to use it.


> At the moment, my solution is to set the SUID bit on the Xastir binary.
> This is allowing Xastir to set the system time and seems to solve my
> problem.  However, I'm unclear as to whether this is an excessive security
> risk and/or a bad method of doing things.  One Xastir page mentions that
> this method is necessary to use an AX.25 server, but another page mentions
> in capital letters not to run Xastir as root.  I do not know if setting the
> SUID bit is the same as running it as root but it seems like it would be.

It's not the same as running it as root. When you run Xastir as root it is always running as root, every file it creates ends up owned as root. It's a bad idea.

Running SUID root allows Xastir to run as a normal user most of the time, and only revert to root for fractions of a second when truly necessary.