[Security_sig] Proposed list of needed profiles
chrisw at osdl.org
Thu Sep 2 11:25:01 PDT 2004
Some thoughts below.
* Ed Reed (ereed at novell.com) wrote:
> Here's the list of Linux configuration profiles for which I think we
> need something that amounts to security protection profiles:
> Linux road warrior laptop
Things like VPN access (ipsec), safe key storage, encrypted disk?
> Linux enterprise departmental file/print/mail server
Not running as root, plus chroot (or better, separate namespaces) could
go quite a ways here. Roles...??
> Linux enterprise departmental desktop (centrally managed, not developer
Mobile code is the typical attack vector. Lots of client side exploits
coming up lately. Does this user never install new things or do config
changes (that's how I'm interpreting centrally managed). User isn't
root, but client side exploit could easily leak sensitive info to
> Linux enterprise data center application server
What are the security issues here? And in DCL parlance, does the web
server below classify as an edge server (standard three-tiered setup).
> Linux Internet Web server
Hardest thing here (IMHO) is all the server side scripting. These are
typically embedded in the web server and therefore transition to
security domain specific to script is challenging. And if it were
possible, it becomes a tough admin challenge to manage all the
> Linux network infrastructure appliance
Hmm, likely to have only ssh exposed, right? Is this one easier to
secure? Do we care about the admin after they've authenticated?
> Linux datacenter database server
I see two separate domains here. One is securing the system db server
processes. Other is proper roles/auth w/in the database itself. SQL
injection attacks can wreak havoc on a system that has highly confined
web scripts and database server (in the MAC sense) if the database
doesn't have roles defined.
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
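
The database-role point in the last reply, shown as an added example that is not part of the original message: the same deliberately vulnerable query is run once with no restriction inside the database and once under a read-only restriction. SQLite has no roles, so its authorizer callback stands in for a database role here (an assumption); the table names, the search function and the input are constructed.

```python
import sqlite3

# Constructed sample data: a public catalogue table and a sensitive table.
SCHEMA = """
CREATE TABLE products (name TEXT, price REAL);
CREATE TABLE accounts (login TEXT, secret TEXT);
INSERT INTO products VALUES ('widget', 9.5), ('gadget', 20.0);
INSERT INTO accounts VALUES ('alice', 'constructed-secret');
"""

def catalogue_role(action, arg1, arg2, dbname, source):
    """Authorizer standing in for a read-only 'catalogue' database role."""
    if action == sqlite3.SQLITE_SELECT:
        return sqlite3.SQLITE_OK          # running a SELECT at all is allowed
    if action == sqlite3.SQLITE_READ and arg1 == "products":
        return sqlite3.SQLITE_OK          # column reads only from products
    return sqlite3.SQLITE_DENY            # every other table or action

def open_db(with_role):
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)            # schema loaded before restricting
    if with_role:
        conn.set_authorizer(catalogue_role)
    return conn

def search(conn, term):
    # Deliberately vulnerable: the web script concatenates user input.
    sql = "SELECT name, price FROM products WHERE name = '" + term + "'"
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.DatabaseError as exc:
        return "denied: " + str(exc)

# Constructed input that appends a second SELECT against the sensitive table.
INJECTED = "x' UNION SELECT login, secret FROM accounts --"

if __name__ == "__main__":
    for with_role in (False, True):
        conn = open_db(with_role)
        print("role defined:", with_role)
        print("  normal  :", search(conn, "widget"))
        print("  injected:", search(conn, INJECTED))
```

OS-level confinement of the script and the database process is identical in both runs; only the restriction inside the database changes what the injected query can read.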