[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#325824: ITP: ninja -- Privilege escalation detection system for GNU\Linux

Package: wnpp
Severity: wishlist
Owner: William Vera <billy@billy.com.mx>

* Package name    : ninja
  Version         : 0.1.1
  Upstream Author : Tom Rune Flo <tom@x86.no>
* URL             : http://forkbomb.org/ninja/
* License         : GPL
  Description     : Privilege escalation detection system for GNU\Linux

Ninja is a privilege escalation detection  and  prevention
system for GNU/Linux hosts. While running, it will monitor
process activity on the local host, and keep track of  all
processes  running  as root.  If a process is spawned with
UID or GID zero (root), ninja will log necessary  informa-
tion  about  this process, and optionally kill the process
if it was spawned by an unauthorized user.

A "magic" group can be specified, allowing members of this
group to run any setuid/setgid root executable.

Individual  executables  can be whitelisted.  Ninja uses a
fine grained whitelist that lets you whitelist executables
on  a  group  and/or user basis. This can be used to allow
specific groups or individual users access to  setuid/set-
gid root programs, such as su(1) and passwd(1).

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.8-2-386
Locale: LANG=es_MX, LC_CTYPE=es_MX (charmap=ISO-8859-1)

Reply to: