
Re: security



[DISCLAIMER: I've played with this here at home, and think I've got a
fairly secure system, but I'm no expert, I'm just an interested geek]

On Mon, Feb 03, 2003 at 02:21:33PM +0100, Russell Coker wrote:
> Is anyone here running a Debian system with no daemons running as root
> other than init, inetd, and sshd, no SUID-root programs other than
> passwd, su, etc, and generally having everything locked down as much
> as possible (chroots for daemons, etc)?

I'm running bind9 in a chroot (using Martin's bind9-chroot package);
everything else is as normal. 

> If so what kernel patches do you apply for security?  

I'm using a couple at the moment: grsecurity and the pseudo-socket ACL
one.  grsecurity is quite well documented out there, and provides a huge
number of hardening options, as well as its own ACL implementation.
The pseudo-socket ACL patch gets around the currently simplistic TCP
port security system (root can bind <1024, everyone can take those above
that) by letting you create particular groups that are allowed to bind
to low ports, but do not otherwise have root privileges.

> What do you consider to be the main area of weakness in your system
> security that needs to be addressed?  

Privileged daemons seem to be the largest issue these days.  AIUI,
SELinux significantly reduces the privileges that daemons have, so this
is already a large step in the right direction.

[snip]

> I am interested in improving the general security of Debian and am
> involved in some discussions as to what is the best way to do it.  I
> am searching for background data to help with this.

I'd say your SELinux work is the single most useful thing that could be
used to improve the security of Debian, since it (AFAIK) uses MAC to
lock down broad swathes of the system, only opening the small holes that
are needed.  More support for daemons running as non-privileged users
and in chroots is always good though, especially with kernel 2.4's bind
mounts.

More general things, like source audits and using packages like libsafe
and valgrind to reduce the effects and find the sources of buffer
overflows are essential also, but it's not Debian-specific.

I'm sure this is all already obvious, but perhaps it'll help...

-- 
Rob Weir <rweir@ertius.org>				http://ertius.org/
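
Added example, not part of the original message: a small audit for the two conditions in the quoted question (daemons running as root, SUID-root programs). The allowlists come from that question; the function names, the sample data, and the rule that kernel threads are PID 2 and its children are assumptions of this example.

```shell
#!/bin/sh
# Added example. Allowlists are taken from the question quoted in the thread
# ("init, inetd, and sshd" / "passwd, su, etc"); extend them for your system.
ROOT_DAEMON_ALLOW="init inetd sshd"
SUID_ALLOW="passwd su"

# stdin: "USER PID PPID TTY COMM" lines, as produced by
#   ps -eo user=,pid=,ppid=,tty=,comm=
# Prints root-owned processes with no controlling tty (daemons) that are not
# allowlisted. Assumption: kernel threads are PID 2 and its children.
unexpected_root_daemons() {
    awk -v allow="$ROOT_DAEMON_ALLOW" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "root" && $4 == "?" && $2 != 2 && $3 != 2 && !($5 in ok) { print $5 }
    ' | LC_ALL=C sort -u
}

# stdin: one path per line, as produced by
#   find / -xdev -type f -user root -perm -4000
# Prints SUID-root files whose basename is not allowlisted.
unexpected_suid_root() {
    awk -v allow="$SUID_ALLOW" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        { k = split($0, p, "/"); if (!(p[k] in ok)) print $0 }
    ' | LC_ALL=C sort
}

# Run both checks against the live system (run as root for a complete find).
audit_live() {
    echo "== root daemons outside allowlist =="
    ps -eo user=,pid=,ppid=,tty=,comm= | unexpected_root_daemons
    echo "== SUID-root files outside allowlist =="
    find / -xdev -type f -user root -perm -4000 2>/dev/null | unexpected_suid_root
}

# Constructed sample input so the filters can be tried offline.
SAMPLE_PS='root 1 0 ? init
root 2 0 ? kthreadd
root 7 2 ? ksoftirqd/0
root 412 1 ? sshd
root 430 1 ? inetd
root 455 1 ? cron
bind 501 1 ? named
root 900 880 pts/0 bash
root 466 1 ? syslogd'
SAMPLE_SUID='/usr/bin/passwd
/bin/su
/bin/mount
/usr/bin/chfn'

printf '%s\n' "$SAMPLE_PS" | unexpected_root_daemons
printf '%s\n' "$SAMPLE_SUID" | unexpected_suid_root
```

Call audit_live to check the running system; find -xdev stays on the root filesystem, so repeat the find for other mounted filesystems.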
