[2194] in linux-security and linux-alert archive
[linux-security] Re: You got some 'splaininn to do Lucy ;-)
daemon@ATHENA.MIT.EDU (Duncan Simpson)
Mon Aug 2 02:56:05 1999
To: linux-security@redhat.com
In-reply-to: Your message of "Sat, 31 Jul 1999 00:59:43 PDT."
<Pine.LNX.3.96.990731005545.17214C-100000@shell.netmagic.net>
Date: Sat, 31 Jul 1999 18:01:57 +0100
From: Duncan Simpson <dps@io.stargate.co.uk>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
There are several sorts of access control Linux does not have, and quite
probbaly should *not* have. A web site I found some back documented various
sorts of controls that could stop crackers with root doing things. Extra
things include adding classification levels to the systmem and only allowing
reading below and writng above (MLS), contexts which restrict what you can do
(MAC), etc. I think the people propsoed adding MACs to linux :-)
System call auditing is only the beginning---at least some aspect of this
would be nice, for example all the detials of attempted access violations (not
just useful for detecting cracker probes, think fixing access problems). In
the meantime we could think about capabilities required for doing things
normal users are allowed to do---in particular exec, unlink, rename and open
capabilities could protect services which do not need them. Naturally you
could keep file descriptors and use them after dropping open capability but
never create any more.
--
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
