Re: ld.so and LD_PRELOAD
On Sat, 7 Jun 2003 14:34, David B Harris wrote:
> > If it turns out that SELinux doesn't really provide the security bonus
> > you thought it did --- either due to a bug or wanton misconfiguration
> > --- you have a less secure box than a standard Linux one would of been
> > (because you wouldn't of offered the service)
If there is some particular program that you want to run but would not run
without the added protection of SE Linux (such as Sendmail) then you only
need to make sure that the SE Linux policy for that program is doing the
right thing. The protection for the rest of the system is merely an added
bonus.
> I certainly agree with the sentiment (having witnessed it myself
> routinely). However, LSM/SELinux is complex enough that most of the
> people who would be affected by this will choose another solution
> (grsecurity being the most prelevant, I believe). Those who don't have
Other solutions are less capable. For example the Gentoo policy in the gradm
package (which is more comprehensive than the Debian policy) has policy for
xauth which permits it to write to all files under /home.
The SE Linux policy for xauth permits it to create new files of a different
type which it has full access to (and the X applications can read) but can't
write to other files.
Also the grsec sample policy seems to have /bin/bash hard-coded into the
configuration in many places. With SE Linux files are given a type, so you
assign every shell the type shell_exec_t and things will work as expected no
matter which shell a user chooses. The shell is only a trivial example,
there are many other situations where having access based on file name will
bite you.
The case for SE Linux will be stronger when Linux 2.6.0 is released. The LSM
framework will be in the standard kernel (and probably the SE Linux code
too).
Is anyone offering root access to any machine running any security system
other than SE Linux?
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: