ProactiveSecurityRoadmap
Revision 5 as of 2005-04-11 21:37:40
Clear message
People
Goal
Proactively improve security for Breezy
Requirements
- Run cron as non-root?
- Run dhclient3 as non-root?
- Run dhcpd3 as non-root?
Change unix_chkpwd from suid root to sgid shadow (see [http://bugs.debian.org/155583 #155583])
- Compile-time stack protection?
- Eliminate inetd from base
- Non-executable stack for i386?
Agenda
Pre-Work
- Research privilege requirements of cron
- Research privilege requirements of dhclient3
MartinPitt: normal user with CAP_NET_RAW and CAP_NET_BIND_SERVICE; needs a suid wrapper to call /etc/dhcp3/dhclient-script; prototypical package available; pending security review of dhclient-script (proper quoting, etc.)
- Research privilege requirements of dhcpd3
MartinPitt: normal user with CAP_NET_RAW and CAP_NET_BIND_SERVICE for initialization phase; can be dropped after socket creation; prototypical package available
- Search for implicit dependencies on inetd via netbase
- Determine requirements for compile-time stack protection in gcc (4.x?)