1 |
Hi, |
2 |
|
3 |
I have a server that's doing just about everything a server can do. It's |
4 |
serving webpages with Apache, running mysql, handling mail for around 30 |
5 |
people with Postfix, running subversion for a couple of development |
6 |
projects, running both a Ventrilo and a CounterStrike server as well as |
7 |
having a bunch of local users via ssh which use it to run mutt, |
8 |
centericq, irssi and stuff like that. In general a very active server. |
9 |
I have been having my doubts about the security on this server lately |
10 |
however, and have been looking into different solutions. |
11 |
A quick analysis will show that the solution needs to take into account |
12 |
both attacks from outside and local attacks since local users can't be |
13 |
trusted 100%. |
14 |
My first idea was to use linux-vserver, put everything into their own |
15 |
vservers and have users log into a vserver with just the programs they |
16 |
need there to minimize the threat from them. Unfortunately screen does |
17 |
not work inside vservers so this solution is no good as most users have |
18 |
their mailclient, irc client, icq client etc. running in a screen and |
19 |
just reattach to it when they log in. |
20 |
Now I could run everything in vservers and just let users login to the |
21 |
host as they do now. That would certainly limit the threat from security |
22 |
bugs in things like the CS server, and would limit the users ability to |
23 |
mess with running processes. Not that they have rights to do that |
24 |
anyway, but a layer of protection has been added. I would have liked |
25 |
this solution to use SELinux or grsecurity to give me access control to |
26 |
further boost security, but it seems that there aren't any current |
27 |
vserver+grsec patches available and the don't apply cleanly on top of |
28 |
each other. And SELinux is incompatible with vserver (I have read). |
29 |
Yet another solution would be to drop vserver and just use grsecurity or |
30 |
SELinux, but I am uncertain how good the protection against security |
31 |
holes in i.e. CS-server would be in contrast with the vserver solution. |
32 |
Yet another solution would of course be Xen, but since 3.0 is not yet in |
33 |
stable, I don't really think that's a viable solution yet. |
34 |
|
35 |
I might be missing some possible solution scenarios and would very much |
36 |
appreciate advice. Both regarding my ideas so far, and anything I have |
37 |
missed. |
38 |
|
39 |
And no, buying a second server to isolate users on is not an option. |
40 |
This is a private server and I am not a rich guy :) |
41 |
|
42 |
Thanks in advance. |
43 |
|
44 |
-- |
45 |
Anders |
46 |
-----BEGIN GEEK CODE BLOCK----- |
47 |
Version: 3.12 |
48 |
GCS/O d--@ s:+ a-- C++ UL+++$ P++ L+++ E- W+ N(+) o K? w O-- M- V |
49 |
PS+ PE@ Y+ PGP+ t 5 X R+ tv+ b++ DI+++ D+ G e- h !r y? |
50 |
------END GEEK CODE BLOCK------ |
51 |
PGPKey: http://random.sks.keyserver.penguin.de:11371/pks/lookup?op=get&search=0xD4DEFED0 |
52 |
-- |
53 |
gentoo-security@g.o mailing list |