Full Disclosure mailing list archives
Re: a secure base system
From: martin f krafft <madduck () madduck net>
Date: Mon, 15 Mar 2004 21:15:39 +0100
also sprach harry <Rik.Bobbaers () cc kuleuven ac be> [2004.03.15.1237 +0100]:
> - /var and /tmp mounted nosuid and noexec

as others have probably written, this won't do much. first, noexec can be easily overridden:

  /lib/ld-linux.so.2 /tmp/trojan

and second, nosuid on /var will make a couple of programs in Debian fail. i don't remember which.

> - grsec kernel

why not use SELinux?

> ==> is this ok, too paranoia or is there something i'm missing, and could it be even more safe?

you can surely get this a lot more safe, especially against local access.

> how about a compiler? normally, all soft on it is compiled by hand, but it is also "necessary" for a local exploit.

i can compile on my system and then run it on yours. you can install a compiler if you need it.

also sprach Jochem Kossen <jkossen () xs4all nl> [2004.03.15.1424 +0100]:
> How about /home? and how about nodev? (dunno if Linux has nodev)

sure it does. mounting /home and the others nodev is a good idea.

> It could be more safe definitely. How about OpenBSD? (ye ye i'm biased ;), but there are more security oriented solutions around)

OpenBSD, Debian, OpenBSD, Debian... guess which one I'll pick. And that's not a hard decision.

also sprach Tobias Weisserth <tobias () weisserth de> [2004.03.15.1933 +0100]:
> If you want an up to date and modern productivity distribution with a good security policy you mustn't use Debian but an alternative like Fedora or SuSE or maybe Mandrake.

You may just as well use Debian and stay up to date with the security problems.

> I know this will raise flames en masse from Debian fans. But it's a sour truth that Debian woody is hopefully outdated and as long as the Debian security team doesn't support the other releases it's no option at all to use these other releases in productive environments.

Productive environments are one of two kinds: servers and workstations. What's missing from Woody for a server? And concerning workstations: your security better shield a security problem on a workstation.

> /tmp should always be mounted noexec. Add /home as well with noexec. Why should users be able to install or run programs from within their home directories anyway? Administered systems supply everything users need, so there's no need to give them this freedom. This may be a trade-off, but the result is more security.

whatever. read above.

> You have missed the most important thing: file integrity checking. Take a look at Tripwire or AIDE.

good point!

-- 
martin; (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck

invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!

kill ugly radio
        -- frank zappa
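
A check for the mount options discussed in this thread, as an added example that is not part of the original message: it reads /proc/mounts-format text and reports which of /tmp, /var and /home lack nosuid, noexec or nodev. The policy table, the function names and the sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. POLICY is an assumption assembled from
# the options proposed above, one "mountpoint:required,options" per line.
# The reply warns that nosuid on /var breaks some Debian programs, so trim
# that entry if it bites.
POLICY='/tmp:nosuid,noexec,nodev
/var:nosuid,noexec,nodev
/home:nodev'

# Constructed sample in /proc/mounts format (not real host data).
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext3 rw 0 0
/dev/sda5 /tmp ext3 rw,nosuid,nodev 0 0
/dev/sda6 /var ext3 rw,nosuid,noexec,nodev 0 0
EOF
}

# audit_mounts: reads /proc/mounts-format text on stdin and prints one line
# per policy violation; prints nothing when every entry is satisfied.
audit_mounts() {
    mounts=$(cat)
    printf '%s\n' "$POLICY" | while IFS=: read -r mp required; do
        # Last matching line wins: a later mount shadows an earlier one.
        opts=$(printf '%s\n' "$mounts" |
            awk -v mp="$mp" '$2 == mp { o = $4 } END { print o }')
        if [ -z "$opts" ]; then
            echo "$mp: not a separate mount"
            continue
        fi
        missing=
        for want in $(printf '%s' "$required" | tr ',' ' '); do
            case ",$opts," in
                *",$want,"*) ;;
                *) missing="${missing:+$missing,}$want" ;;
            esac
        done
        if [ -n "$missing" ]; then
            echo "$mp: missing $missing"
        fi
    done
    return 0
}

# Demo on the sample; on a real host run: audit_mounts < /proc/mounts
sample_mounts | audit_mounts
```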