[CLUE-Tech] Sys Admin security and user directory security

Eric Kilfoil ekilfoil at viawest.net
Thu Dec 27 09:46:08 MST 2001


This type of security model is an interesting situation.  There is a
product called Pitbull LX made by Argus which can do these types of
things.  However, there will always need to be someone that has access to
everything.  There isn't really a way around this.  Pitbull however can
let you give the root account certain capabilities at a more granular
level.  You can break down the access given to root into certain
distinct capabilities such as overriding directory permissions.  With
products such as Pitbull, you can disallow this access to root for certain
"compartments" of your system.

This type of system is fairly complex.  I'm pretty sure that Argus offers
the linux version of Pitbull for free.  You can find more information at
http://www.argus-systems.com/

One of the nicer features of Pitbull is that access rights don't
necessarily extend across the fork system call.  This is how they
"prevent" buffer overflow vulnerabilities.  Remove all of the privileges
across a fork() call and your would-be attacker now finds themselves with a
shell account (as root) that doesn't have access to do anything.

In case it already isn't obvious, adding security adds complexity.  As a
general rule, as security is added, productivity decreases.  The most
secure systems have no local console, no network connection, no power, and
are buried in a few feet of concrete, thereby rendering them useless :).

On a side note, I think the argus OpenHack II contest was won within 4
hours.  Apparently OpenHack III was a little more successful for them:
http://www.argus-systems.com/feature/commentary/openhack/

Anyhow, good luck

eric
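The "strip privileges before fork() so a hijacked child can do nothing" idea in the post above, shown as an added example that is not part of the original message and not Pitbull's code. Pitbull's compartment mechanism is proprietary; this sketch uses stock Linux primitives instead: it empties the capability bounding set via prctl(PR_CAPBSET_DROP) and sets no_new_privs so a later exec() of a setuid binary cannot hand privilege back, then forks a child that reports what it actually inherited. It assumes Linux (prctl is not portable), and the capability-number probe range 0..63 is an assumption chosen to cover any kernel's capability list. Bounding-set drops need CAP_SETPCAP, so run as an unprivileged user the child still inherits the full bounding set; the no_new_privs flag is inherited either way.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fallbacks for older headers; the values match the Linux uapi definitions. */
#ifndef PR_CAPBSET_READ
#define PR_CAPBSET_READ 23
#endif
#ifndef PR_CAPBSET_DROP
#define PR_CAPBSET_DROP 24
#endif
#ifndef PR_SET_NO_NEW_PRIVS
#define PR_SET_NO_NEW_PRIVS 38
#endif
#ifndef PR_GET_NO_NEW_PRIVS
#define PR_GET_NO_NEW_PRIVS 39
#endif

#define CAP_SETPCAP_NUM 8   /* the capability that authorises bounding-set drops */
#define CAP_PROBE_MAX   63  /* assumption: probe capability numbers 0..63; unknown ones are skipped */

/* 1 if capability `cap` is still in this process's bounding set, 0 if it is not
 * or the kernel does not know that number (PR_CAPBSET_READ returns -1/EINVAL). */
int cap_in_bounding_set(int cap) {
    return prctl(PR_CAPBSET_READ, cap, 0, 0, 0) == 1;
}

/* Strip the calling process of everything a child could inherit or regain:
 *  1. drop every capability from the bounding set, CAP_SETPCAP last because it
 *     is what authorises the other drops;
 *  2. set no_new_privs so setuid/setgid bits and file capabilities on exec()
 *     cannot hand privilege back to a hijacked child.
 * Returns the number of capabilities dropped, or -1 if no_new_privs could not
 * be set.  An unprivileged caller gets EPERM on each drop; that is tolerated,
 * since such a caller has no effective capabilities to lose anyway. */
int lock_down_before_fork(void) {
    int dropped = 0;
    for (int cap = 0; cap <= CAP_PROBE_MAX; cap++) {
        if (cap == CAP_SETPCAP_NUM || !cap_in_bounding_set(cap)) continue;
        if (prctl(PR_CAPBSET_DROP, cap, 0, 0, 0) == 0) dropped++;
        else if (errno != EPERM) return -1;
    }
    if (cap_in_bounding_set(CAP_SETPCAP_NUM) &&
        prctl(PR_CAPBSET_DROP, CAP_SETPCAP_NUM, 0, 0, 0) == 0) dropped++;
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return dropped;
}

/* Fork a child and have it report, through its exit status, what it inherited:
 * bit 0 = no_new_privs is set, bit 1 = the bounding set is empty.
 * Returns that bitmask, or -1 if fork()/waitpid() failed. */
int inspect_child(void) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        int code = 0;
        if (prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0) == 1) code |= 1;
        int remaining = 0;
        for (int cap = 0; cap <= CAP_PROBE_MAX; cap++)
            remaining += cap_in_bounding_set(cap);
        if (remaining == 0) code |= 2;
        _exit(code);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

int main(void) {
    int dropped = lock_down_before_fork();
    if (dropped < 0) { perror("lock_down_before_fork"); return 1; }
    int view = inspect_child();
    if (view < 0) { perror("inspect_child"); return 1; }
    printf("capabilities dropped from bounding set: %d\n", dropped);
    printf("child inherited no_new_privs: %s\n", (view & 1) ? "yes" : "no");
    printf("child bounding set empty:     %s\n",
           (view & 2) ? "yes" : "no (dropping needs CAP_SETPCAP)");
    return 0;
}
```

Run it once as an ordinary user and once with CAP_SETPCAP (for instance as root) to see the difference: in both cases the child reports no_new_privs, but only the privileged run empties the bounding set. Both properties are inherited across fork() and survive exec(), which is the point the post makes about a compromised process being left with nothing to do.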