
Auditing systems for default homedir permissions and other potential security risks and also for overly long subjects and needlessly antagonistic mailing list discussion threads

On Thu, 2011-02-17 at 15:24 +0000, Roger Leigh wrote:
> I would argue that a change that /would/ make a real difference, would
> be to have (as an example) emblems in Nautilus that flag files and
> folders depending on if other people have read or write access.  That
> would visually show what is (and is not) secure either by intention or
> by accident.

I'm with Roger and Ian on the default permissions, but that's not why I
am making this thread needlessly longer. I am making it needlessly
longer because I had a mildly related idea that I am hoping someone will
pick up and implement.

It would be really cool if there was an automatic auditor for people to
use. Not just showing emblems in Nautilus, but offering to fix things as
well. Here's how I imagine it might work.

You tell the auditor what kind of system this is. d-i would set up a
default. For example, personal laptop, or web server, or mail server.
You also tell the auditor how much security you want: normal, a lot, or
too much.

The auditor then looks for things in the system, and in home
directories, which might be problems. For example, if it's meant to be a
mail server with a lot of security, having telnetd installed and running
would be a problem for it to flag. Likewise, it might flag home
directory permissions.

It then presents the user with a prioritized report, with most urgent
things first. The user can then say "I'm ok with this, don't tell me
about it again", or "Fix this now, please", or "I don't know what I'm
doing, just do something smart", or "I'm suddenly busy, just tell me
about this when I ask for a new report".

The automatic fixing might do things like remove or disable services, or
fix permissions, or install missing security updates, or, on the "too
much" security level, wipe all disks and send an e-mail to the nearest
secure destruction service to come and pick up the computer and take it
to where it can be melted.

(If you like the idea, start hacking! I will not get around to this
until some other millennium, when I've finished my backup application. I
want my backups done before I request my computer to be destroyed.)
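
A minimal sketch of the auditor described in the message above, added here as an example and not part of the original post or of any Debian tool. The policy table, priority numbers and function names are constructed for illustration; it checks only an installed-package list and home-directory mode bits, and fixes only the latter.

```python
import os
import stat
from dataclasses import dataclass
from pathlib import Path

LEVELS = {"normal": 0, "a lot": 1, "too much": 2}
# Constructed policy: (system kind, package) -> lowest level at which it is flagged.
UNWANTED = {("mail server", "telnetd"): 1, ("web server", "telnetd"): 1}
# Home-directory mode bits: (mask, lowest level, priority, description).
MODE_RULES = [(stat.S_IWOTH, 0, 1, "world-writable"),
              (stat.S_IWGRP, 1, 2, "group-writable"),
              (stat.S_IROTH | stat.S_IXOTH, 1, 3, "readable by others")]

@dataclass(frozen=True)
class Finding:
    priority: int      # 1 = most urgent
    key: str           # stable id, used for "don't tell me about it again"
    message: str
    fix_mask: int = 0  # mode bits to clear on request; 0 = no automatic fix here
    path: str = ""

def audit(profile, level, installed, home_root):
    lvl, found = LEVELS[level], []
    for pkg in sorted(installed):
        need = UNWANTED.get((profile, pkg))
        if need is not None and lvl >= need:
            found.append(Finding(1, f"pkg:{pkg}", f"{pkg} installed on a {profile}"))
    for home in sorted(Path(home_root).iterdir()):
        if home.is_symlink() or not home.is_dir():
            continue  # never follow a symlinked "home" to somewhere else
        mode = stat.S_IMODE(home.lstat().st_mode)
        for mask, need, prio, what in MODE_RULES:
            if lvl >= need and mode & mask:
                found.append(Finding(prio, f"home:{home.name}:{what}",
                                     f"{home} is {what} ({mode:04o})", mask, str(home)))
    return found

def report(findings, acknowledged=frozenset()):
    """Most urgent first, minus anything the user said not to mention again."""
    return sorted((f for f in findings if f.key not in acknowledged),
                  key=lambda f: (f.priority, f.key))

def fix(finding):
    """'Fix this now, please': clear only the flagged bits on the directory."""
    if finding.fix_mask:
        mode = stat.S_IMODE(os.lstat(finding.path).st_mode)
        os.chmod(finding.path, mode & ~finding.fix_mask)
```

Package findings carry no `fix_mask`, so `fix()` leaves them alone; removing or disabling a service would go through the package manager.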
