[Security_sig] Security Gaps

Emily Ratliff emilyr at us.ibm.com
Thu Oct 13 11:53:41 PDT 2005

In no particular order, here are some Linux security gaps/wishlist:

Highly accurate open source static analysis tools (and all open source projects making use of them)
Capability to run w/o root in a traditional DAC environment
      ala Solaris Process Rights Management
      Linux project: Olaf Dietsche's File system capabilities patch not integrated
Integrated cryptographic framework - single point of FIPS certification
Secure virtualized containment (not SELinux) ala Solaris Zones/containers or HPUX Secure Resource Partitions
      this often gets punted to Xen, but there is an advantage for having both types of virtualized containment available
      Linux project: vserver not integrated
Easy to use RBAC tools (not talking about RBACPP)
Encrypted file system with per file encryption
      Linux project: eCryptfs + others not integrated
Whole disk encryption
Patch risk assessment
MLOSPP compliance may become an issue in the near future
Kernel crypto api improvements - asynchronous work underway, asymmetric algorithms, GCM mode

I'd like to see IPSec be easier to set up and a centralized repository that
collects whether Linux IPSec can interoperate with various vendor VPNs and
the settings required for the VPNs that it can interoperate with (ala
monitor settings database or CDDB).

A tiny feature that I would like to see added to logcheck (may be there in
the latest release) is the ability to switch after a certain threshold from
telling me about attempts (for example, ssh login attempts) from a certain
address to successes from that address. The attempts become uninteresting
and the successes are very, very interesting.

I haven't found anyone who cares but NIS+ is not available on Linux.

Other requests that we have received - default umask 037, no world
writeable directories (/tmp) on filesystems/partitions with setuid/setgid
binaries and log files.

A key Linux weakness that affects other areas as well as security is a lack
of integration between components.

Ed, want to comment on I & A gaps?

Emily

Emily Ratliff
IBM Linux Technology Center, Security
CISSP #51839
512-838-0409 (T/L 678-0409)
emilyr at us.ibm.com
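
The logcheck threshold behaviour requested in the message above, as an added example that is not part of the original post and is not logcheck's own code: failed sshd logins are reported per source address until a threshold is reached, after which only successful logins from that address are reported. The function name, the threshold value and the log lines are constructed for illustration; the lines follow OpenSSH's usual syslog wording.

```python
import re
from collections import Counter

# sshd auth messages: "<Failed|Accepted> METHOD for [invalid user ]NAME from ADDR port N"
SSH_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) \S+ for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<addr>\S+) port \d+"
)

# Constructed sample log lines (documentation address ranges).
SAMPLE = [
    "Oct 13 11:50:01 host sshd[1201]: Failed password for root from 192.0.2.10 port 40001 ssh2",
    "Oct 13 11:50:03 host sshd[1202]: Failed password for invalid user admin from 192.0.2.10 port 40002 ssh2",
    "Oct 13 11:50:04 host sshd[1203]: Failed password for alice from 198.51.100.7 port 51000 ssh2",
    "Oct 13 11:50:05 host sshd[1204]: Failed password for root from 192.0.2.10 port 40003 ssh2",
    "Oct 13 11:50:06 host sshd[1205]: Failed password for root from 192.0.2.10 port 40004 ssh2",
    "Oct 13 11:50:09 host sshd[1206]: Accepted password for alice from 198.51.100.7 port 51001 ssh2",
    "Oct 13 11:50:12 host sshd[1207]: Accepted password for root from 192.0.2.10 port 40005 ssh2",
]

def summarize(lines, threshold=3):
    """Report attempts per address until `threshold` failures have been
    seen, then report only successful logins from that address."""
    failures = Counter()
    report = []
    for line in lines:
        m = SSH_RE.search(line)
        if not m:
            continue  # not an sshd auth line; left to other rules
        addr, user = m["addr"], m["user"]
        if m["result"] == "Failed":
            failures[addr] += 1
            if failures[addr] < threshold:
                report.append(f"ATTEMPT {addr} user={user}")
            elif failures[addr] == threshold:
                report.append(f"ATTEMPT {addr} user={user} "
                              f"(threshold {threshold} reached; now watching for successes)")
            # past the threshold, further attempts are suppressed
        elif failures[addr] >= threshold:
            # a success from an address that has been hammering the host
            report.append(f"SUCCESS-AFTER-FAILURES {addr} user={user} "
                          f"failed_attempts={failures[addr]}")
    return report

if __name__ == "__main__":
    print("\n".join(summarize(SAMPLE)))
```

Successful logins from addresses below the threshold are deliberately not reported here, which is an assumption of this sketch about how the switch would behave.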