ProactiveSecurityRoadmap

Differences between revisions 3 and 4
Revision 3 as of 2005-04-11 15:56:58
Size: 642
Editor: pD9E85D28
Comment: added unix_chkpwd derooting target
Revision 4 as of 2005-04-11 17:32:49
Size: 883
Editor: pD9EB3B59
Comment: updated status of dhcpd3
Deletions are marked like this. Additions are marked like this.
Line 24: Line 24:
 * Research privilege requirements of cron, dhclient3, dhcpd3  * Research privilege requirements of cron
 * Research privilege requirements of dhclient3
 * Research privilege requirements of dhcpd3

 MartinPitt: normal user with CAP_NET_RAW and CAP_NET_BIND_SERVICE for initialization phase; can be dropped after socket creation; prototypical package available

People

Goal

Proactively improve security for Breezy

Requirements

  • Run cron as non-root?
  • Run dhclient3 as non-root?
  • Run dhcpd3 as non-root?

  • Change unix_chkpwd from suid root to sgid shadow (see [http://bugs.debian.org/155583 #155583])

  • Compile-time stack protection?
  • Eliminate inetd from base
  • Non-executable stack for i386?

Agenda

Pre-Work

  • Research privilege requirements of cron
  • Research privilege requirements of dhclient3
  • Research privilege requirements of dhcpd3

    MartinPitt: normal user with CAP_NET_RAW and CAP_NET_BIND_SERVICE for initialization phase; can be dropped after socket creation; prototypical package available

  • Search for implicit dependencies on inetd via netbase
  • Determine requirements for compile-time stack protection in gcc (4.x?)

UbuntuDownUnder/BOFs/ProactiveSecurityRoadmap (last edited 2008-08-06 16:18:54 by localhost)