| 1 |
On Fri, 2003-07-18 at 02:54, Brandon Hale wrote: |
| 2 |
> On Thu, 2003-07-17 at 08:52, Alvaro Figueroa Cabezas wrote: |
| 3 |
> |
| 4 |
> > Well, it the idea is to harden boxes, this chroot flag should |
| 5 |
> > apply to every service thinkable... (And this is a _lot_ of work) |
| 6 |
|
| 7 |
Its not that bad really and has many usefull uses outside of security |
| 8 |
enviroments alone. |
| 9 |
|
| 10 |
> I can't argue with that, but the initial goal would be to harden a few |
| 11 |
> commonly used or notoriously insecure services. These include bind, ntpd |
| 12 |
> and apache to name a few. I am currently working with the bind ebuild to |
| 13 |
> adapt the chroot code to respect USE="chroot." |
| 14 |
|
| 15 |
I will support this flag and will help out where I can, perhaps adopting |
| 16 |
a script I've been using myself to chroot services on gentoo as an |
| 17 |
eclass http://dev.gentoo.org/~solar/gentoo.mkchroot. Then I/we should be |
| 18 |
able to take the acls generated from grsec in learning mode to create |
| 19 |
runtime package profiles which could be used to tell us what exactly |
| 20 |
needs be in our chroot jail. |
| 21 |
|
| 22 |
On another note I will be happy to pay the first person who codes |
| 23 |
sys_jail() for linux as a kernel patch 2 magic beans and a pocket full |
| 24 |
lint. |
| 25 |
|
| 26 |
> |
| 27 |
> > But is the idea is to really harden boxes, chroots should be forgoten, |
| 28 |
> > and capabilities applied :). |
| 29 |
> |
| 30 |
> I'm not sure what you mean by capabilities, but I received a similar |
| 31 |
> argument concerning SE Linux, whose superior security model negates the |
| 32 |
> usefulness of chroot'ing a service. However, SE Linux is currently |
| 33 |
> difficult to implement effectively and not a feasible choice for the |
| 34 |
> average sysadmin. Chroot'ing key services could be nicely complemented |
| 35 |
> by grsec's chroot hardening, and provide what I believe to be a workable |
| 36 |
> solution to increase security in Gentoo. |
| 37 |
> |
| 38 |
|
| 39 |
Capabilities are basicly a repartition of roots permissions. Here is the |
| 40 |
basic list of them |
| 41 |
http://www.gentoo.org/proj/en/hardened/capabilities.xml |
| 42 |
|
| 43 |
|
| 44 |
> |
| 45 |
> |
| 46 |
> -- |
| 47 |
> gentoo-dev@g.o mailing list |
| 48 |
-- |
| 49 |
Ned Ludd <solar@g.o> |
| 50 |
Gentoo Linux Developer (Hardened) |
| 51 |
|
| 52 |
|
| 53 |
-- |
| 54 |
gentoo-dev@g.o mailing list |
Archives