Hervé Schauer Consultants
How to design secure network applications based on privilege separation
> Description: What are the basic security features under Unix needed to build privilege separation, and how to use them to design more secure applications
> Context & Dates: Talk given at the Libre Software Meeting 2002, on 11 July 2002.
 
> Author: Denis Ducamp
> Type: 45 slides [French/English - HTML]. Also available as a PDF file [PDF - 66KB].
> Abstract & Table of contents:
Flyleaf
Objectives
The sys-admin point of view (2 slides)
Objectives (2 slides)
Definition
When (4 slides)
The studied server
Change its identity (6 slides)
Change its group
Change its secondary groups
Examples of changing its groups
Duplication
Putting a process in a cage (2 slides)
Inter process communication (6 slides)
Other interesting code in in.shd
Authentication example
Command execution (2 slides)
How to conceive a network application
An example of such an application
Real applications
popa3d
vsftpd
OpenSSH
telnetd
postfix
Conclusion
Thanks
End ...
> Related documents
Theme: Secure Programming
[Course]  Secure Programming
[Presentation]  Application security [23 October 2008 - French]
[Presentation]  Feedback from PHP applications assessment [21 November 2007 - French]
[Presentation]  Evolution of Cross-Site Request Forgery Attacks [1 June 2007 - French]
[Presentation]  Web 2.0 : more ergonomic... and less secure ? [22 May 2007 - French]
[Presentation]  Security in software developments [11 May 2007 - French]
[Presentation]  PHP and security [27 November 2003 - French]
[Presentation]  Secure programming and software traps [18 March 2002 - French]
> Copyright © 2002, Hervé Schauer Consultants, all rights reserved.

 

Last modified on 23 October 2002 at 13:36:51 CET - webmaster@hsc.fr