
Re: Secured vs. Security Distros and Wish Lists



> toys). Once you have a shell running, with a network connection, you
> can find a way to bring anything in you want.

here comes the issue of a secured kernel in a secure system. with linux 2.0,
when securelevel is >0 no such toys work... neither tcpdump
nor nmap. so, when talking about a secure distro, thought should be given
to such projects as linux-privs, medusa etc. only kernel-level
protection can help against kiddies.

and about solaris - that ufs patch really was not working (I was a script
kiddie once... :( ). there may be no compiler, but nobody can stop kiddies
from sending precompiled binaries via ftp/mail/scp/rcp/whatever works :-)
it can even be done by using a printf "\25\132\..." script, generated on
another computer and pasted into the terminal :-) So the possible guidelines for
a secure linux distribution may be:

	1. restricted exec()
	2. securelevel on 2.0
	3. securebits on 2.2
	4. linux-privs on 2.3 (2.2?) - capabilities.
	5. something in medusa kernel - checking it right now
	6. chrooted environments (as vaults in hp vvos)
	7. no system at all (or hp virtualvault :-)

this may sound like paranoia, but if there are no such linux
distributions, people may use redhat. userspace programs can be
installed/upgraded/removed everywhere.

another thing in a trusted os should be auditing. I saw something happening,
but it hasn't reached users yet. again, auditing should be kernel
level (syslog is still a userlevel thing :-/ )

With respect,
Domas Mituzas

-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/
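
Added example, not part of the original post: item 4 of the list (capabilities) as a check a defender can run today. Raw and packet sockets, which tcpdump and nmap rely on, require CAP_NET_RAW, so a process without it in any capability set is restricted by the kernel in the way the post asks for. Assumptions: the `CapPrm`/`CapEff`/`CapBnd` fields of `/proc/<pid>/status` on current kernels (newer than those in the post), the `FORBIDDEN` policy, and the three constructed sample status texts.

```python
import re

# Bit numbers from <linux/capability.h>; only a relevant subset is named.
CAPS = {1: "CAP_DAC_OVERRIDE", 7: "CAP_SETUID", 10: "CAP_NET_BIND_SERVICE",
        12: "CAP_NET_ADMIN", 13: "CAP_NET_RAW", 16: "CAP_SYS_MODULE",
        17: "CAP_SYS_RAWIO", 18: "CAP_SYS_CHROOT", 19: "CAP_SYS_PTRACE",
        21: "CAP_SYS_ADMIN"}

# Assumed policy for this example: capabilities a locked-down process
# should neither hold nor be able to regain.
FORBIDDEN = {"CAP_NET_RAW", "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_PTRACE"}

def parse_caps(status_text):
    """Decode the Cap* hex masks of a /proc/<pid>/status text into name sets."""
    sets = {}
    for field, hexmask in re.findall(r"^(Cap\w+):\s*([0-9a-fA-F]+)\s*$",
                                     status_text, re.M):
        mask = int(hexmask, 16)
        sets[field] = {name for bit, name in CAPS.items() if (mask >> bit) & 1}
    return sets

def audit(status_text, forbidden=FORBIDDEN):
    """Report forbidden capabilities that are active or still reachable."""
    sets = parse_caps(status_text)
    if "CapEff" not in sets or "CapBnd" not in sets:
        raise ValueError("status text has no CapEff/CapBnd fields")
    active = sets["CapEff"] & forbidden
    # CapPrm can be raised into CapEff by the process itself; CapBnd is the
    # upper bound on what exec of a privileged binary can grant.
    reachable = (sets.get("CapPrm", set()) | sets["CapBnd"]) & forbidden
    return {"active": sorted(active), "latent": sorted(reachable - active)}

# Constructed samples (not captured from a real system).
ROOT_SHELL = ("CapInh:\t0000000000000000\nCapPrm:\t000001ffffffffff\n"
              "CapEff:\t000001ffffffffff\nCapBnd:\t000001ffffffffff\n")
USER_SHELL = ("CapInh:\t0000000000000000\nCapPrm:\t0000000000000000\n"
              "CapEff:\t0000000000000000\nCapBnd:\t000001ffffffffff\n")
# Bounding set with bits 13, 16, 17 and 19 cleared; only bit 10 is effective.
HARDENED = ("CapInh:\t0000000000000000\nCapPrm:\t0000000000000400\n"
            "CapEff:\t0000000000000400\nCapBnd:\t000001fffff4dfff\n")

if __name__ == "__main__":
    for name, text in [("root shell", ROOT_SHELL), ("user shell", USER_SHELL),
                       ("hardened service", HARDENED)]:
        print(name, audit(text))
```

The user-shell sample is the case worth noticing: nothing forbidden is active, but the untouched bounding set means a setuid-root binary can still hand those capabilities back, which is why the restriction has to be applied to the bounding set and not just to the running process.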