Re: A question about Knark and modules
On Sun, Jun 17, 2001 at 07:55:40PM -0800, Ethan Benson wrote:
>
> a bit. lids makes system administration utterly impossible. unless
> you leave enough holes open which an attacker can use to bypass it
> all.
well nearly...
at least you can prevent new or unknown process/files from accessing stuff.
If there is an exploit for an existing piece of software you are back at
square one.
The advantage is extremely granular control: a program at a specific inode
can be given capabilities while everything else has them refused.
the disadvantage is that you end up with a million little holes (complexity)
fortunately the files that have these added capabilities are also
protected (from trojaning - buffer overruns etc still work)
>
> the thing is once you make exceptions for the system administrator to
> use to maintain the you open the holes the attacker needs to trojan
> your system and to remove the additional obstacles you installed.
yes it is possible with lids, but it is a _lot_ harder:
processes can be hidden.
binaries RO (trojaning is difficult)
logs append
/etc/somefile can only be read when you allow it.
>
> system administrator == root
> cracker == root
>
cracker==root sysadmin==root+LIDS_password
if someone can sniff me typing in my lids password (encrypted in the kernel)
then I am stuffed.
In short Lids can be a pain to set up, but would also be a pain to crack,
especially if the cracker doesn't know exactly which rules I have set up.
a good cracker could do it.
btw I notice that they are still working on fork bomb protection. that would
be nice :)
--