From owner-freebsd-security Fri Feb 13 14:34:52 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA22835 for freebsd-security-outgoing; Fri, 13 Feb 1998 14:34:52 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from fledge.watson.org (root@FLEDGE.RES.CMU.EDU [128.2.91.116]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA22781 for ; Fri, 13 Feb 1998 14:34:41 -0800 (PST) (envelope-from robert@cyrus.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.8.8/8.6.10) with SMTP id RAA18514 for ; Fri, 13 Feb 1998 17:20:59 -0500 (EST) Date: Fri, 13 Feb 1998 17:20:59 -0500 (EST) From: Robert Watson X-Sender: robert@fledge.watson.org Reply-To: Robert Watson To: freebsd-security@FreeBSD.ORG Subject: Secure Linux patch (fwd) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk Per jmb's request, I am resending this message to make sure the mailing list works. I'd also, of course, be interested in discussion of the issues below. :) Robert N Watson Carnegie Mellon University http://www.cmu.edu/ SafePort Network Services http://www.safeport.com/ robert@fledge.watson.org http://www.watson.org/~robert/ ---------- Forwarded message ---------- Date: Thu, 29 Jan 1998 15:43:01 -0500 (EST) From: Robert Watson Reply-To: Robert Watson To: freebsd-security@freebsd.org Subject: Secure Linux patch (fwd) It would be nice to have some of these features (see bottom of email) available on FreeBSD. I don't have the experience/knowledge to do most of this, or I would do it myself :). Most of these are really security work-arounds, and succeed in blocking a number of traditional attacks, although they do not fix the sources of the attack :). Better application writing is the only long-term solution, I suspect. We also have securelevel already, but I am not sure that the features they have match ours. BTW, in -current, has their been any thought to requiring that time monotonically increase (as BSDI has done) while in securelevel > 0? With appropriate use of single-user mode, xntpd, and ntpdate, this can be very useful. Robert N Watson Carnegie Mellon University http://www.cmu.edu/ SafePort Network Services http://www.safeport.com/ robert@fledge.watson.org http://www.watson.org/~robert/ ---------- Forwarded message ---------- Date: Thu, 29 Jan 1998 19:31:39 -0300 From: Solar Designer To: BUGTRAQ@NETSPACE.ORG Subject: Secure Linux patch Hello, > mkdir /tmp/foo (no sticky bit on foo) > ln /etc/passwd /tmp/foo > mv /tmp/{foo/,}passwd Thanks for reporting this. A stupid problem, I should have thought a bit more of things like this. ;-) I wonder why noone reported it earlier... I wasn't going to release my new patch right now, but since I would have to release a fix anyway, ...here goes the full thing. You can get my new Secure Linux patch at: http://www.false.com/security/linux/secure-linux.tar.gz ftp://ftp.dataforce.net/pub/solar/secure-linux.tar.gz Features: * Non-executable user stack area * Link-in-/tmp fix (fixed;-) * Restricted /proc (extra functionality compared to original route's patch) * Improved securelevel support (finally really secure, and extra features) * Unofficial bugfixes (hope I'll be able to remove them when 2.0.34 is out) Signed, Solar Designer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message