DragonFly BSD
DragonFly kernel List (threaded) for 2003-08

Re: Buffer overflow?

From: Hiten Pandya <hmp@xxxxxxxx>
Date: Mon, 04 Aug 2003 05:12:48 +0100

Rik van Riel wrote:
Personally I don't think the OS should compromise on the
security infrastructure in order to make things easier
to configure.

I guess the most reasonable solution would be to have the
popular daemons installed in a secure setup by default;
ie. named, apache, the MTA and other important daemons
would come pre-packaged to run in a restricted environment.

That way the security people can tweak everything until
it's right, without having to compromise on security, while
the system administrators get something safe.

I personally like Matt's idea of making strict configuration as to what daemons get to access what devices etc; and things like non-executable stack and binary checksumming would be "icing on the cake."

On the other hand, we also could provide some level of PAM support -- I say this because of the amount of PAM modules out there which can be used for integrating OSes like DFly in Active Directory and such environments.

Even if we take out painless integration with Microsoft-based authentication servers, like Active Directory (effectively done by use of pam_ldap and friends); PAM is supported by Linux and Sun. To summarise, if we can provide some sort of PAM compatibility, it will make lives much easier as far as interoperability is in the picture.

Also, I am not sure about the possibility or the viability of what I am about to suggest; that is, things like ACLs should be done as an overlay over a file system, just like quotas and the ability to make arbitrary file system volumes root file systems. So it would be like:

[ UFS ] -> [ ACL-FS ] -> FS visibility (w/ ACLs)

So then, supposedly, a VFS entry point exists that can be used by the filesystem for storing the ACL information somewhere, be it on-disk, or temporarily in memory (depending on what type of file system it is, of course).

Of course, adding ACL support to userland utilities is just a different ball game altogether. :-)


Hiten Pandya
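The ACL-overlay idea above, as an added toy model that is not part of the post or of DragonFly's VFS: a base layer that only knows owner, group and mode bits, with an in-memory ACL layer stacked on top that answers access checks using the POSIX.1e evaluation order (owner, named user, group class under the mask, other) and falls through to the base mode bits when no ACL is stored. The class and field names are assumptions for illustration.

```python
from dataclasses import dataclass, field

R, W, X = 4, 2, 1

# Base layer ("UFS"): only owner, group and mode bits, no ACL knowledge.
@dataclass
class BaseFile:
    owner: str
    group: str
    mode: int  # e.g. 0o640

# Overlay entry, POSIX.1e style: user_obj / user / group_obj / group / mask / other.
@dataclass
class Acl:
    user_obj: int
    group_obj: int
    other: int
    users: dict = field(default_factory=dict)   # named-user entries
    groups: dict = field(default_factory=dict)  # named-group entries
    mask: int = 7                               # limits all but owner/other

class AclFs:
    """ACL-FS layer: keeps ACLs in memory, keyed by path (constructed toy)."""
    def __init__(self, base):
        self.base = base          # path -> BaseFile
        self.acls = {}            # path -> Acl, absent = no overlay entry

    def setacl(self, path, acl):
        self.acls[path] = acl

    def access(self, path, uid, groups, want):
        f = self.base[path]
        acl = self.acls.get(path)
        if acl is None:
            # No overlay entry: fall through to the base layer's mode bits.
            if uid == f.owner:
                perm = (f.mode >> 6) & 7
            elif f.group in groups:
                perm = (f.mode >> 3) & 7
            else:
                perm = f.mode & 7
            return perm & want == want
        if uid == f.owner:
            return acl.user_obj & want == want
        if uid in acl.users:
            return acl.users[uid] & acl.mask & want == want
        # Group class: any matching group entry that (masked) grants the bits wins.
        cands = [acl.group_obj] if f.group in groups else []
        cands += [p for g, p in acl.groups.items() if g in groups]
        if cands:
            return any(p & acl.mask & want == want for p in cands)
        return acl.other & want == want
```

Granting a daemon read access to a config file via a named-user entry, instead of loosening the mode bits, is the kind of restricted-setup default the thread is arguing for.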
