Linux's Security Capabilities
6.1 Security patches
restricted /proc partition:
each user has access only to the data concerning their own processes, and a special group has access to the data of all processes.
<http://underley.zakopane.top.pl/linux/restricted-procfs.html>
or
<http://www.underley.eu.org/linux/>
by Daniel Podlejski
<underley@zakopane.top.pl>
restricted links and FIFOs in /tmp:
A process can access a link or a FIFO in /tmp only if the process owner also owns it, or if it belongs to root.
<http://www.sekure.org/english/resources.html>
(not available anymore)
by Sekure SDI
<http://www.sekure.org/>
(Brazilian Info Security Team)
Special handling of fds 0, 1 and 2 at startup of a SUID/SGID binary:
these descriptors have a special meaning for the C library and many programs,
which often reference them by number.
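As an added example (not from the slides), the same safeguard done in user space: a SUID/SGID program can check at startup that descriptors 0, 1 and 2 are open before it touches any file, binding each closed one to /dev/null so that no later open() silently lands on a number libc treats as stdin, stdout or stderr. The helper names fd_is_open and sanitize_std_fds are my own.

```c
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>

/* Helper names (fd_is_open, sanitize_std_fds) are assumptions for this example. */

/* Return 1 if fd refers to an open file, 0 if the descriptor is closed. */
int fd_is_open(int fd)
{
    return fcntl(fd, F_GETFD) != -1 || errno != EBADF;
}

/* Ensure fds 0, 1 and 2 are open. Each closed one is bound to /dev/null.
 * Returns the number of descriptors reopened, or -1 if /dev/null could not
 * be opened on the expected number (a caller should abort in that case). */
int sanitize_std_fds(void)
{
    int reopened = 0;
    for (int fd = 0; fd <= 2; fd++) {
        if (fd_is_open(fd))
            continue;
        /* open() returns the lowest free descriptor; every number below fd
         * is already open at this point, so the result must be fd itself. */
        int nfd = open("/dev/null", O_RDWR);
        if (nfd != fd) {
            if (nfd != -1)
                close(nfd);
            return -1;
        }
        reopened++;
    }
    return reopened;
}

int main(void)
{
    /* Do this before any other file is opened by the program. */
    if (sanitize_std_fds() < 0)
        return 1;
    return 0;
}
```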
Non-executable user stack area:
the stack area is made non-executable, so buffer overflow vulnerabilities become harder to exploit.
The biggest problem is caused by glibc 2.x programs that use trampoline jumps.
The kernel must detect and emulate trampoline jumps.
It is (theoretically) possible to deceive this functionality and still exploit buffer overflows.
Hervé Schauer Consultants
2000 - 4 bis, rue de la gare - 92300 Levallois-Perret
Phone : +33 141 409 700 - Fax : +33 141 409 709 - Email : <secretariat@hsc.fr>