Re: FreeBSD Security in Multiuser Environments

schultz@xxxxxxxxxx writes:
> * Encrypted the whole (except /boot) system with geli(8)
>   (HMAC/SHA256 and AES-XTS). It is not as nice and much slower
>   than proper filesystem-level checksumming but it is what
>   FreeBSD provides (ZFS is too unstable).

ZFS is stable enough, but I'm a little confused: encryption is not
"checksumming", and ZFS provides checksums but not encryption.

> * Disabled useless and potentially dangerous services: cron, devd
>   and sendmail.

These services are neither useless nor dangerous.

> * Removed every setuid bit. The system works even then.

except users are no longer able to change their password or shell.

> * Added a group sudoers and made sudo setuid only to users in
>   sudoers: would have avoided trouble with recent sudo exploit if
>   only trusted users have slaves.

I'm not sure what "made sudo setuid only to users in sudoers" means.
Perhaps you mean "executable only by users in sudoers"?

Also... all this and you didn't raise the securelevel? Didn't set
system binaries schg? Didn't remove unwanted binaries like rcp(1),
rlogin(1), at(1) etc?

> As for using sudo to grant privilege, for each master-slave
> relationship between users u and v, I have added a line like
> "u ALL = (v) NOPASSWD: ALL" to /etc/sudoers. Then the user u is
> supposed to become v by issuing "sudo -i -u v" and to execute a
> command as v by issuing "sudo -i -u v ...".

I'm surprised there isn't a sudoers option to force -i; I'm sure Todd
Miller would be happy for a patch :)

Dag-Erling Smørgrav - des@xxxxxx
freebsd-security@xxxxxxxxxxx mailing list
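
An added example, not part of the original message or of sudo itself: an audit of rules in the "u ALL = (v) NOPASSWD: ALL" form quoted above, reporting identities a user can reach only by chaining rules, which no single line states. It assumes every intermediate account is allowed to execute sudo and handles only that one-line rule form (no aliases or includes); the sample rules and all function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the rule form quoted in the thread.
SAMPLE_SUDOERS = """\
# master-slave relationships (constructed sample, not from the post)
alice ALL = (build) NOPASSWD: ALL
build ALL = (deploy) NOPASSWD: ALL
carol ALL = (www) NOPASSWD: ALL
deploy ALL = (www) NOPASSWD: /usr/sbin/service
"""

RULE = re.compile(r"^(\w+)\s+ALL\s*=\s*\((\w+)\)\s*NOPASSWD:\s*(.+)$")

def direct_grants(text):
    """Map each user to the targets it may run *any* command as."""
    grants = defaultdict(set)
    for line in text.splitlines():
        m = RULE.match(line.strip())
        # Rules limited to specific commands do not let the user chain sudo.
        if m and m.group(3).strip() == "ALL":
            grants[m.group(1)].add(m.group(2))
    return grants

def reachable(grants, user):
    """All identities `user` can reach by chaining sudo -u hops."""
    seen, stack = set(), [user]
    while stack:
        for target in grants.get(stack.pop(), ()):
            if target not in seen and target != user:
                seen.add(target)
                stack.append(target)
    return seen

def indirect_grants(text):
    """Identities reachable only through a chain, i.e. written in no rule."""
    grants = direct_grants(text)
    report = {}
    for user in list(grants):
        extra = reachable(grants, user) - grants[user]
        if extra:
            report[user] = sorted(extra)
    return report

if __name__ == "__main__":
    for user, extra in indirect_grants(SAMPLE_SUDOERS).items():
        print(f"{user} can also become {', '.join(extra)} via chained rules")
```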