DragonFly kernel List (threaded) for 2003-08
Re: Buffer overflow?
Rik van Riel wrote:
> Personally I don't think the OS should compromise on the
> security infrastructure in order to make things easier.
> I guess the most reasonable solution would be to have the
> popular daemons installed in a secure setup by default;
> ie. named, apache, the MTA and other important daemons
> would come pre-packaged to run in a restricted environment.
> That way the security people can tweak everything until
> it's right, without having to compromise on security, while
> the system administrators get something safe.
I personally like Matt's idea of making strict configuration as to what
daemons get to access what devices etc.; and things like non-executable
stack and binary checksumming would be "icing on the cake."
On the other hand, we also could provide some level of PAM support -- I
say this because of the amount of PAM modules out there which can be
used for integrating OSes like DFly in Active Directory and such.
Even if we take out painless integration with Microsoft-based
authentication servers, like Active Directory (effectively done by use
of pam_ldap and friends), PAM is supported by Linux and Sun. To
summarise, if we can provide some sort of PAM compatibility, it will
make lives much easier as far as interoperability is in the picture.
Also, I am not sure about the possibility or the viability of what I am
about to suggest; that is, things like ACLs should be done as an overlay
over a file system, just like quotas and the ability to make arbitrary
file system volumes root file systems. So it would be like:
[ UFS ] -> [ ACL-FS ] -> FS visibility (w/ ACLs)
So then, supposedly, a VFS entry-point exists that can be used by the
filesystem for storing the ACL information somewhere, be it on-disk, or
temporarily in memory (depending on what type of file system it is).
Of course, adding ACL support to userland utilities is just a different
ball-game altogether. :-)
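The ACL-overlay stacking described in the message above, as an added illustration that is not code from the DragonFly project or from the post's author: a base layer that knows only owner/group/mode bits, wrapped by an ACL layer that keeps per-path entries in a side store (standing in for the speculated VFS entry-point) and falls back to the lower layer when no ACL is set. The class and method names, the simplified POSIX.1e-style evaluation order, and the sample files are assumptions made for the example.

```python
"""Toy model of an ACL layer stacked over a plain permission-bit filesystem.
Added example; all names and layout here are hypothetical."""

from dataclasses import dataclass
from typing import Dict, List, Optional

R, W, X = 4, 2, 1  # permission bits, as in a mode triple


@dataclass
class Inode:
    owner: str
    group: str
    mode: int  # e.g. 0o640


@dataclass
class User:
    name: str
    groups: frozenset


class BaseFS:
    """The [ UFS ] layer: access decided from mode bits only."""

    def __init__(self, files: Dict[str, Inode]):
        self.files = files

    def access(self, path: str, user: User, want: int) -> bool:
        ino = self.files[path]  # KeyError if the path does not exist
        if user.name == ino.owner:
            bits = (ino.mode >> 6) & 7
        elif ino.group in user.groups:
            bits = (ino.mode >> 3) & 7
        else:
            bits = ino.mode & 7
        return bits & want == want


@dataclass
class AclEntry:
    kind: str   # "user" or "group"
    name: str
    perms: int


class AclFS:
    """The [ ACL-FS ] layer: an overlay that owns a side store of ACLs.

    The store dict plays the role of the VFS entry-point the post speculates
    about; a real implementation would persist it on disk or in memory."""

    def __init__(self, lower: BaseFS, store: Optional[Dict[str, List[AclEntry]]] = None):
        self.lower = lower
        self.store: Dict[str, List[AclEntry]] = store if store is not None else {}

    def set_acl(self, path: str, entries: List[AclEntry]) -> None:
        if path not in self.lower.files:
            raise FileNotFoundError(path)
        self.store[path] = list(entries)

    def access(self, path: str, user: User, want: int) -> bool:
        entries = self.store.get(path)
        if entries is None:
            # No ACL: the overlay is transparent and the lower layer decides.
            return self.lower.access(path, user, want)
        ino = self.lower.files[path]
        # Simplified POSIX.1e order: owner, then named users, then groups.
        if user.name == ino.owner:
            return self.lower.access(path, user, want)
        for e in entries:
            if e.kind == "user" and e.name == user.name:
                return e.perms & want == want
        group_perms = [e.perms for e in entries
                       if e.kind == "group" and e.name in user.groups]
        if group_perms:
            # Any matching group entry that grants the request suffices.
            return any(p & want == want for p in group_perms)
        # No matching entry: fall through to the "other" bits below.
        return self.lower.access(path, user, want)


def demo() -> dict:
    """Constructed sample: let the 'bind' daemon read a root-owned config file."""
    path = "/etc/named.conf"  # constructed sample path
    base = BaseFS({path: Inode("root", "wheel", 0o640)})
    overlay = AclFS(base)
    bind = User("bind", frozenset({"bind"}))
    alice = User("alice", frozenset({"wheel"}))
    before = overlay.access(path, bind, R)           # no ACL yet: denied by mode bits
    overlay.set_acl(path, [AclEntry("user", "bind", R)])
    return {
        "bind_read_before": before,
        "bind_read_after": overlay.access(path, bind, R),
        "bind_write_after": overlay.access(path, bind, W),
        "alice_read": overlay.access(path, alice, R),  # wheel group via lower layer
        "base_unchanged": base.access(path, bind, R),  # lower layer never saw the ACL
    }


if __name__ == "__main__":
    print(demo())
```

The point of keeping the ACL evaluation entirely inside `AclFS` is that `BaseFS` needs no change and never learns about ACLs; unstacking the overlay simply restores plain mode-bit behaviour, which is what makes the layering approach attractive compared with teaching every on-disk format about ACLs.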