Ubuntu Wiki

No Open Ports

Default installations of Ubuntu must have no listening network services after initial install. Exceptions to this rule include network infrastructure services such as DHCP and Avahi. When installing Ubuntu Server, the administrator can, of course, select specific services to install beyond the defaults (e.g. Apache).

Executable code does not run without execute bit

• Applications, including desktops and shells, must not run executable code from files which do not have the executable bit.
  • For example, the GNOME or KDE MIME type handler must not circumvent this principle.

  • This includes *.desktop, *.jar, and *.exe files.

• Do not provide a workaround to run them anyway automatically - i. e., never juxtapose <long explanatory text> with <easy button that bypasses the text>

• Files downloaded from a web browser, mail client, etc. must never be saved as executable

Goals

• Programs that download executables from the internet should mark them with extended attributes saying where they're from, when, and what user, as well as not marked +x
• The error message when trying to open an executable file should:
  • explain why this may be a dangerous file
  • tell you how to change its permissions
  • not give you the option of launching it anyway
  • maybe give you the option of looking for trusted software instead
• CDROMs: CDs without Rock Ridge extensions have all files marked executable, so this doesn't block this (same with USB sticks).

CategorySecurityTeam