Gentoo Archives: gentoo-security

From: Anders Bruun Olsen <anders@×××××××××××.net>
To: gentoo-security@l.g.o
Subject: [gentoo-security] Advice about security solution
Date: Tue, 08 Nov 2005 22:30:53

I have a server that's doing just about everything a server can do. It's
serving webpages with Apache, running mysql, handling mail for around 30
people with Postfix, running subversion for a couple of development
projects, running both a Ventrilo and a CounterStrike server as well as
having a bunch of local users via ssh which use it to run mutt,
centericq, irssi and stuff like that. In general a very active server.
I have been having my doubts about the security on this server lately
however, and have been looking into different solutions.
A quick analysis will show that the solution needs to take into account
both attacks from outside and local attacks since local users can't be
trusted 100%.
My first idea was to use linux-vserver, put everything into their own
vservers and have users log into a vserver with just the programs they
need there to minimize the threat from them. Unfortunately screen does
not work inside vservers so this solution is no good as most users have
their mailclient, irc client, icq client etc. running in a screen and
just reattach to it when they log in.
Now I could run everything in vservers and just let users login to the
host as they do now. That would certainly limit the threat from security
bugs in things like the CS server, and would limit the users ability to
mess with running processes. Not that they have rights to do that
anyway, but a layer of protection has been added. I would have liked
this solution to use SELinux or grsecurity to give me access control to
further boost security, but it seems that there aren't any current
vserver+grsec patches available and the don't apply cleanly on top of
each other. And SELinux is incompatible with vserver (I have read).
Yet another solution would be to drop vserver and just use grsecurity or
SELinux, but I am uncertain how good the protection against security
holes in i.e. CS-server would be in contrast with the vserver solution.
Yet another solution would of course be Xen, but since 3.0 is not yet in
stable, I don't really think that's a viable solution yet.

I might be missing some possible solution scenarios and would very much
appreciate advice. Both regarding my ideas so far, and anything I have

And no, buying a second server to isolate users on is not an option.
This is a private server and I am not a rich guy :)

Thanks in advance.

Version: 3.12
GCS/O d--@ s:+ a-- C++ UL+++$ P++ L+++ E- W+ N(+) o K? w O-- M- V
PS+ PE@ Y+ PGP+ t 5 X R+ tv+ b++ DI+++ D+ G e- h !r y?
gentoo-security@g.o mailing list


Subject Author
Re: [gentoo-security] Advice about security solution Nathanael Hoyle <nhoyle@××××××××××××.net>