Date: Wed, 30 Mar 2005 11:06:53 -0600 (CST)
From: "H. S." <security@revolutionsp.com>
To: freebsd-hackers@freebsd.org
Subject: Re: A few thoughts..
Message-ID: <63519.81.84.174.37.1112202413.squirrel@mail.revolutionsp.com>
In-Reply-To: <63511.81.84.174.37.1112202327.squirrel@mail.revolutionsp.com>
References: <61910.81.84.174.37.1112123946.squirrel@mail.revolutionsp.com> <20050329213528.59dab2e2.flynn@energyhq.es.eu.org> <62208.81.84.174.37.1112130745.squirrel@mail.revolutionsp.com> <20050329193558.L33759@eleanor.us1.wmi.uvac.net> <63511.81.84.174.37.1112202327.squirrel@mail.revolutionsp.com>

Thanks for all the replies, I'm considering mounting /home noexec, and
installing the most common stuff system-wide, so it can be executed by
any user.

As I stated previously, I'm not much of a C programmer, but I can do
some coding. I've been thinking into changing the core of the system a
bit to return errors if some information is accessed by a normal user.
I'd like to know if getuid() would work that deep in the system? And how
can I register sysctl mibs in the kernel? For example, say I wanted to
create a kern.disclosure.no_dmesg; assuming I could find the piece(s) of
code that dmesg (talking dmesg here, but I'll try to change some other
stuff too) ultimately goes to, how would I compare the sysctl
kern.disclosure.no_dmesg to 1 or 0?

A good paper on this would be a very nice lead.

Thanks!

>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On Tue, 29 Mar 2005, H. S. wrote:
>>
>>>> If you don't want users to run random binaries put /home and /tmp on
>>>> their own partitions and mount them noexec. Also note that users can
>>>> still read that info by accessing /var/log/messages and /var/run/
>>>> dmesg.boot
>>>>
>>>
>>> I do want them to run random binaries, such as psybncs, eggdrops,
>>> shoutcast servers, etc. Mounting /home noexec isn't an option, /tmp is
>>> noexec tho.
>>
>> On another hand, you could provide safe and secure system provided
>> binaries that they would have to use instead of compiling their own.
>> which would solve the case and ultimately when upgrading the package
>> provided to them would upgrade all the users at once without you
>> having to worry about insecurities being scattered throughout your
>> system. Now I could see if this was a development server then you
>> obviously would want to allow your users to do such a thing but since
>> you mentioned things like psybnc, shoutcast, etc... the thought to me
>> doesn't resemble a development server. So my suggestion would be
>> provide the software they need on a as-is-basis and take requests and
>> mount the user partition with the [noexec] option and tune sysctl
>> and operate in a secure level + chmod/chflag the proper files and
>> make 1 jail for the whole user based part of the system for all that
>> to run out of.
>>
>> Best of luck,
>> --c0ldbyte
>>
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.0 (FreeBSD)
>>
>> iD8DBQFCSfZKsmFQuvffl58RAsw0AJkB6cLDGL4dsY9FAGrKZatn8+MotQCfeEX3
>> 5R8zcR7nyVJQL1dgub0/nj0=
>> =h8hs
>> -----END PGP SIGNATURE-----
>> _______________________________________________
>> freebsd-hackers@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>> To unsubscribe, send any mail to
>> "freebsd-hackers-unsubscribe@freebsd.org"
>>
>
>
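
The advice quoted above (put /home and /tmp on their own partitions and mount them noexec) can be verified from `mount` output. The script below is an added example, not part of the original message or of FreeBSD itself; the function name `check_noexec`, the `--live` argument and the sample mount listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit mount(8) output for the noexec advice in the thread.
# SAMPLE_MOUNT is constructed input in FreeBSD `mount` output format.
SAMPLE_MOUNT='/dev/ad0s1a on / (ufs, local)
devfs on /dev (devfs, local)
/dev/ad0s1e on /tmp (ufs, local, noexec, nosuid, soft-updates)
/dev/ad0s1f on /usr (ufs, local, soft-updates)
/dev/ad0s1g on /home (ufs, local, nosuid, soft-updates)'

# check_noexec MOUNT_OUTPUT MOUNTPOINT...
# Prints one line per mount point:
#   "<mp> ok"               separate filesystem, mounted noexec
#   "<mp> exec-allowed"     separate filesystem, noexec missing
#   "<mp> not-a-mountpoint" not its own filesystem, so it inherits the
#                           options of whatever filesystem contains it
# Returns 0 only if every mount point is "ok".
check_noexec() {
    mounts=$1; shift
    rc=0
    for mp in "$@"; do
        # Select the line whose mount point field is exactly $mp.
        line=$(printf '%s\n' "$mounts" |
            awk -v p="$mp" '$2 == "on" && $3 == p { print; exit }')
        if [ -z "$line" ]; then
            echo "$mp not-a-mountpoint"; rc=1; continue
        fi
        # The options are the comma-separated list inside the parentheses.
        opts=$(printf '%s\n' "$line" |
            sed -e 's/^[^(]*(//' -e 's/)[^)]*$//' -e 's/, */,/g')
        case ",$opts," in
            *,noexec,*) echo "$mp ok" ;;
            *)          echo "$mp exec-allowed"; rc=1 ;;
        esac
    done
    return $rc
}

# "--live" (hypothetical argument of this script) audits the running system.
if [ "${1:-}" = "--live" ]; then
    check_noexec "$(mount)" /home /tmp
fi
```

On the constructed sample, /tmp passes and /home is reported as `exec-allowed`, which matches the situation described in the quoted text.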