Secure Coding mailing list archives
Re: Re : virtual server - use jail(8) on FreeBSD
From: Crispin Cowan <crispin () immunix com>
Date: Fri, 02 Apr 2004 16:56:08 +0100
Serban Gh. Ghita wrote:

> First of all I did not express myself very clearly: (for the ones who
> replied), I said virtual shared environment, not virtual machine, so I am
> not talking about VMware or other software like that. My main concern is
> the security in a server (e.g. webhosting provider), where multiple users
> are hosted, and everybody must be restricted to get out of his own home.

Immunix SubDomain http://immunix.org/subdomain.html does exactly what you want. You can write a profile per CGI script that describes the set of files the script may read, write, and execute. The profile is written using regular expressions, so you can add flexibility to it. The profile can be applied as a global default, or per script. It can even be applied when you are using mod_perl or mod_php, when there is no actual call to exec().

Here's a screen shot of what a profile looks like http://immunix.org/subdomain.html

> The jail(8) solution seems fair to me, because I use FreeBSD on all
> servers,

That is unfortunate, as SubDomain is Linux only.

To those complaining that this has nothing to do with "secure coding." I disagree. This is a meta-language describing the permitted behavior of applications. It is secure coding in another form, with several attractive properties:

* It is a meta-language, so it does not interfere with the structure of the base program.
* It can be applied to closed-source binaries.
* It is purely declarative, so it is easy to construct assurance arguments based on the content of the SubDomain profile.

Crispin

--
Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
CTO, Immunix          http://immunix.com
Immunix 7.3           http://www.immunix.com/shop/
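
Added example (not part of the original message, and not SubDomain's own profile syntax): a toy Python model of a declarative, default-deny per-script file profile, with a check that reads one assurance property ("no write access outside the user's home") directly off the profile. The profile entries, paths and function names are constructed for illustration, and glob patterns stand in for the pattern language the message describes.

```python
import fnmatch
import posixpath

# Constructed toy profile for one hypothetical CGI script: (glob pattern, permissions).
# Anything not matched is denied. This is NOT SubDomain's real profile syntax.
PROFILE = [
    ("/home/alice/public_html/*", "r"),
    ("/home/alice/data/*.db", "rw"),
    ("/usr/bin/perl", "rx"),
    ("/usr/lib/perl5/*", "r"),
]

def allowed(profile, path, perm):
    """Default-deny check; perm is one of 'r', 'w', 'x'."""
    # Normalise first, so "/home/alice/data/../../bob/x.db" is judged as
    # "/home/bob/x.db" and cannot slip through a wildcard by its spelling.
    path = posixpath.normpath(path)
    return any(perm in perms and fnmatch.fnmatchcase(path, pattern)
               for pattern, perms in profile)

def literal_prefix(pattern):
    """Part of a glob pattern before its first wildcard character."""
    for i, ch in enumerate(pattern):
        if ch in "*?[":
            return pattern[:i]
    return pattern

def writes_outside(profile, home):
    """Assurance check done on the profile alone, without running the script:
    return every rule that could grant write access outside `home`.
    Conservative: a write rule passes only if its literal prefix already
    lies inside home and contains no '..' component."""
    home = home.rstrip("/") + "/"
    bad = []
    for pattern, perms in profile:
        if "w" not in perms:
            continue
        prefix = literal_prefix(pattern)
        if not prefix.startswith(home) or ".." in prefix.split("/"):
            bad.append(pattern)
    return bad
```

The model matches path strings only and does not resolve symlinks.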
Current thread:
- Re : virtual server - use jail(8) on FreeBSD Serban Gh. Ghita (Apr 01)
- Re: Re : virtual server - use jail(8) on FreeBSD Crispin Cowan (Apr 02)