RE: Bug in how capabilities

From: Linda Walsh (law@sgi.com)
Date: Wed May 31 2000 - 17:59:16 EST


> -----Original Message-----
> From: Pavel Machek [mailto:pavel@suse.cz]

> So what? I can not execute setuid shell, but I can freely do anything
> I could do with the shell. I'll add myself to
> ~root/.ssh/authorized_keys instead of running root shell. This is
> called security by obscurity.
>
> (Still it can be a little bit useful.)
> Pavel
> --
> I'm pavel@ucw.cz. "In my country we have almost anarchy and I don't care."
> Panos Katsaloulis describing me w.r.t. patents me at discuss@linmodems.org
>

---

It's only a piece of the puzzle -- you came in via what route? A daemon running with LUID=daemon? Ooooo....LUID daemon is editing files in /root. I'd guess that would be a big-time red flag. Or say you managed to do an 'su' from user mrevil -- RT-Audit daemon (user-provided) detects that LUID=george is editing a root file, user mrevil is not in group 'wheel', or 'sysadmins' or is not in a known memory resident list of sysadmins -- bad mrevil...action:signal(SIGKILL).

If you are looking for one solution that will solve all your problems I have nothing to offer. Think of security features like extra bits in an encryption key. The more layers (bits) you add the more difficult it is to crack system security. The only 100% secure system is one to which no one has access and nothing will cause the machine to go out of "secure state" (secure state=off). Not too useful. Using a GOOGLE-PLEX (10^(10^100)) bit encryption key wouldn't be too useful either since it'd take forever to generate. But even 512 bit keys are now vulnerable to cracking with an optoelectronic device (TWINKLE, ref. http://cryptome.org/twinkle.eps) -- meaning 1024 bit keys are next on the horizon.

I'm just wanting to get Linux *verified*/*certified* as having basic levels of security common in all large systems manufacturers -- things that are or will be required for us to enter certain marketplaces.

-linda

-- Linda A Walsh | Trust Technology, Core Linux, SGI law@sgi.com | Voice: (650) 933-5338
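
The kind of check the message above describes (an audit daemon that decides on the login UID rather than the effective UID) can be sketched as follows. This is an added example, not code from the original post or from any real audit daemon; the record layout, the group table, the user `alice` and the sample events are assumptions constructed for illustration.

```python
import posixpath
import signal
from dataclasses import dataclass

# Assumed policy inputs. Only the names 'wheel', 'sysadmins', 'daemon' and
# 'mrevil' come from the message; everything else is constructed.
ADMIN_GROUPS = {"wheel", "sysadmins"}
PROTECTED_DIR = "/root"
GROUPS = {"alice": {"users", "wheel"}, "mrevil": {"users"}, "daemon": {"daemon"}}

@dataclass(frozen=True)
class AuditEvent:
    luid: str   # login UID: fixed at login, not changed by su or setuid
    euid: str   # effective user when the operation happened
    pid: int
    op: str     # "write" or "read"
    path: str

def is_protected(path):
    """True if the normalized path is PROTECTED_DIR or lies beneath it."""
    # normpath collapses '..' segments; it does not resolve symlinks.
    norm = posixpath.normpath(path)
    return norm == PROTECTED_DIR or norm.startswith(PROTECTED_DIR + "/")

def evaluate(ev, groups=GROUPS):
    """Return (pid, signal) for an event that breaks policy, else None."""
    if ev.op != "write" or not is_protected(ev.path):
        return None
    # Decide on the login identity, so a root euid gained via su does not help.
    if groups.get(ev.luid, set()) & ADMIN_GROUPS:
        return None
    return (ev.pid, signal.SIGKILL)

# Constructed sample audit records.
EVENTS = [
    AuditEvent("daemon", "root", 101, "write", "/root/.ssh/authorized_keys"),
    AuditEvent("mrevil", "root", 102, "write", "/tmp/../root/.profile"),
    AuditEvent("alice", "root", 103, "write", "/root/.bashrc"),
    AuditEvent("mrevil", "mrevil", 104, "write", "/home/mrevil/notes"),
    AuditEvent("mrevil", "root", 105, "write", "/rootkit/readme"),
]

def flagged(events=EVENTS):
    """PIDs the daemon would signal, in event order."""
    return [ev.pid for ev in events if evaluate(ev) is not None]

if __name__ == "__main__":
    for ev in EVENTS:
        print(ev.luid, ev.euid, ev.path, evaluate(ev))
```

The function only returns the action it would take; a real daemon would also need a trusted source for the login UID and for the event stream itself.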




This archive was generated by hypermail 2b29 : Wed May 31 2000 - 21:00:28 EST