Date: Fri, 16 Mar 2001 09:51:10 -0800 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Warner Losh <imp@harmony.village.org> Cc: freebsd-arch@FreeBSD.ORG Subject: Re: flags settings for modules Message-ID: <200103161751.f2GHpvA04419@cwsys.cwsent.com> In-Reply-To: Your message of "Thu, 15 Mar 2001 01:16:06 MST." <200103150816.f2F8G6920260@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <200103150816.f2F8G6920260@harmony.village.org>, Warner Losh writes: > In message <20010314111629.A1018@dragon.nuxi.com> "David O'Brien" writes: > : So the question is do we want to keep my change? If so, shouldn't we use > : "schg" in a *lot* more places? Otherwise it's use is nebulous > > I think the change is premature. Until such time as we have a > convenient way to build a system that all vectors to compromise of > schg have been plugged, setting it to gain "security" is at best > folly. > > I do not argue that one could set schg on files by hand and might be > able to not miss any, such an undertaking is still very very > difficult. You have to make sure that all the rc scripts are schg. > And then all scripts that are run before we raise secure level. And > all binaries that are touched (and facist path policing of all > scripts). And then there's all the libraries that are linked in > against those binaries. And then there are all the modules loaded by > default or by the loader. And you have to secure the loader agianst > change in a similar way. And let's not forget any config files that > all these files/programs use. Oh, and let's not forget those things > that are too obscure for me to think of there. > > There are likely items in the list that I've forgotten. Since the > list is still so long, and since there's no one working on tightening > things up, I think that adding schg to modules is premature and will > cause more hassles than it is worth. > > Before people think that I don't think that this is worth it, or that > I have a negative attitude, I would like to point out that I think > work in this area would be beneficial. A script in /usr/sbin or a port might be the best answer. Maintaining this script might be another story. I'm currently working on a Tripwire 2.3.1 port and building the default policy file for FreeBSD has been a tedious process. I would think that building an schg script or port would be just as tedious. I could generate the script/port based on my work on the FreeBSD Tripwire policy file I'm currently building for the upcoming Tripwire 2.3.1 port. If people like this idea, I can do the work as it dovetails nicely with the Tripwire work I've been doing. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103161751.f2GHpvA04419>