Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
On Thu, 8 May 2003 22:36, Andrew Suffield wrote:
> Security should be end-to-end, not point-to-point. The sheer number of
> times a site has been compromised because their "secure" network
> wasn't and somebody was using rsh...
Even that isn't enough IMHO.
I have my machines configured such that ssh can't provide administrative
access, and even if someone cracks sshd it can't grant such access. Then
after someone logs in via ssh they have to re-authenticate before getting
full access.
This means that next time there's a ssh security hole all I have to do is
refrain from ssh'ing to my machines (as someone may have cracked the sshd to
sniff passwords) and fix them at my leisure by logging in at the console.
Also script kiddies will be deterred by the way sshd is run. A call to the
exec() family of functions won't get very far, they need to call the SE Linux
system call execve_secure() to get a shell in a user context to do anything
useful. This isn't an aim of SE Linux, it's just a conveniant side-affect
that may be helpful against automated attack tools.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: