Saturday, January 01, 2005

Spinning a secure setting

I've been a Hardened Gentoo user for a while. I don't use the full set with SELinux/GrSecurity, Prelude, and whatever else they like to throw at people; but instead use a few basic things like a security hardened gcc that produces PIE binaries with stack smash protection (paper).

It may come as a surprise to you, but these weren't terribly painful for me to get on my system. I won't say that the Hardened team didn't do their fair share of work; they did enough mapping out which packages break from what, trying to fix obscure bugs they find because of this breakage, and just in general trying to make this stuff work in the first place. Once it's known how to do it, however, it's fairly simple to upkeep.

It may also surprise you that I find these suitable for widespread use on "user-friendly" distributions. These particular technologies also don't generate any extra administration duties once in place. No extra passwords are needed, no added steps in installing programs need to be taken. If a distribution supplies these things, then the user doesn't even have to think about them.

After using some transparent security features, I became quite attached to PaX (Wikipedia) and SSP. I even produced an article for LWN.net about them. This prompted no action, but was still fun to do.

After a while, I took a look at Ubuntu Linux and read through their Security Notices to produce a simple analysis of the potential impact of PaX and SSP. In the end it seems like 40-60% of notices contain potential intrusions which can be reduced to DoS attacks, which although annoying do not open the path for local attacks or worm spreading.

Based on the above analysis, I also found there to be facilities that help programmers easily close off another 20% of local attacks. These are related to the creation of temporary files and directories, which makes the potential bugs easily recognizable in source code audits. The supplied facilities do in at most two lines of code what normally takes a handful of code, and so are easier for programmers to use than the other, less secure methods.
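As an added illustration of the temporary-file point (this is not code from the original post), here is the racy create-by-name pattern beside the facility I take the post to mean, mkstemp()/mkdtemp(); the scratch directory and the planted symlink are constructed for the demo.

```c
#define _DEFAULT_SOURCE 1
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Racy pattern: a predictable name opened without O_EXCL. If a local user has
 * planted a symlink at that name, open() follows it and the program writes to
 * whatever the link points at. Shown here only to contrast with mkstemp(). */
static int tempfile_racy(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Check that an fd is a regular file owned by the caller and unreadable by
 * others: the post-condition mkstemp() guarantees and the racy open does not. */
static int fd_is_private_regular(int fd) {
    struct stat st;
    if (fstat(fd, &st) != 0) return 0;
    return S_ISREG(st.st_mode) && st.st_uid == getuid()
           && (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

/* Demonstration on constructed input: a fresh mkdtemp() directory (mode 0700)
 * holding a symlink planted at a predictable name. Returns 1 if the racy open
 * follows the link, an O_CREAT|O_EXCL open refuses it with EEXIST, and
 * mkstemp() (which does that O_EXCL create itself) yields a private file. */
int demo_tempfile_race(void) {
    char dir[] = "/tmp/tmpdemo.XXXXXX", target[PATH_MAX], planted[PATH_MAX], tmpl[PATH_MAX];
    int ok = 0, refused = 0, racy = -1, excl = -1, safe = -1;
    if (mkdtemp(dir) == NULL) return 0;
    snprintf(target, sizeof target, "%s/victim", dir);
    snprintf(planted, sizeof planted, "%s/predictable.tmp", dir);
    snprintf(tmpl, sizeof tmpl, "%s/safe.XXXXXX", dir);
    if (close(open(target, O_WRONLY | O_CREAT, 0600)) == 0 && symlink(target, planted) == 0) {
        racy = tempfile_racy(planted);                            /* follows the link */
        excl = open(planted, O_WRONLY | O_CREAT | O_EXCL, 0600);  /* refused */
        refused = excl < 0 && errno == EEXIST;
        safe = mkstemp(tmpl);                     /* the two-line facility */
        ok = racy >= 0 && refused && safe >= 0 && fd_is_private_regular(safe);
    }
    if (racy >= 0) close(racy);
    if (excl >= 0) close(excl);
    if (safe >= 0) { close(safe); unlink(tmpl); }
    unlink(planted); unlink(target); rmdir(dir);
    return ok;
}
```

The point for an audit is visible in the contrast: any open() of a predictable name without O_EXCL is the bug, while a mkstemp()/mkdtemp() call is the one-line fix.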

Any distribution could easily deploy these things in a sane manner. It would be work, but not difficult work, although perhaps tedious to start up. Maintaining the changes would be very minimal effort. I believe this is the direction Linux distributions will follow, the direction they should follow.
