A few thoughts..
H. S.
security at revolutionsp.com
Wed Mar 30 09:07:50 PST 2005
Thanks for all the replies, I'm considering mounting /home noexec, and
installing the most common stuff system-wide, so it can be executed by any
user.
As I stated previously, I'm not much of a C programmer, but I can do some
coding. I've been thinking into changing the core of the system a bit to
return errors if some information is accessed by a normal user. I'd like
to know if getuid() would work that deep in the system? And how can I
register sysctl mibs in the kernel ?
For example, say I wanted to create a kern.disclosure.no_dmesg ; Assuming
I could find the piece(s) of code that dmesg (talking dmesg here, but I'll
try to change some other stuff too) ultimately goes to, how would I
compare the sysctl kern.disclosure.no_dmesg to 1 or 0 ? A good paper on
this would be a very nice lead.
Thanks!
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On Tue, 29 Mar 2005, H. S. wrote:
>>
>>>> If you don't want users to run random binaries put /home and /tmp on
>>>> their own partitions and mount them noexec. Also note that users can
>>>> still read that info by accessing /var/log/messages and /var/run/
>>>> dmesg.boot
>>>>
>>>
>>> I do want them to run random binaries, such as psybncs, eggdrops,
>>> shoutcast servers, etc. Mounting /home noexec isn't an option, /tmp is
>>> noexec tho.
>>
>> On another hand, you could provide safe and secure system provided
>> binaries that they would have to use instead of compiling their own.
>> which would solve the case and ultimately when upgrading the package
>> provided to them would upgrade all the users at once without you
>> having to worry about insecurities being scattered throughout your
>> system. Now I could see if this was a development server then you
>> obviously would want to allow your users to do such a thing but since
>> you mentioned things like psybnc, shoutcast, etc... the thought to me
>> doesnt resemble a development server. So my suggestion would be
>> provide the software they need on a as-is-basis and take requests and
>> mount the user partition with the [noexec] option and tune sysctl
>> and operate in a secure level + chmod/chflag the proper files and
>> make 1 jail for the whole user based part of the system for all that
>> to run out of.
>>
>> Best of luck,
>> --c0ldbyte
>>
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.0 (FreeBSD)
>>
>> iD8DBQFCSfZKsmFQuvffl58RAsw0AJkB6cLDGL4dsY9FAGrKZatn8+MotQCfeEX3
>> 5R8zcR7nyVJQL1dgub0/nj0=
>> =h8hs
>> -----END PGP SIGNATURE-----
>> _______________________________________________
>> freebsd-hackers at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>> To unsubscribe, send any mail to
>> "freebsd-hackers-unsubscribe at freebsd.org"
>>
>
>
More information about the freebsd-hackers
mailing list