Re: aide or tripwire
From: Seth Arnold (sarnold@wirex.com)
Date: 12/21/01
Date: Fri, 21 Dec 2001 14:17:32 -0800
From: Seth Arnold <sarnold@wirex.com>
To: focus-linux@securityfocus.com
On Fri, Dec 21, 2001 at 03:28:22PM +0100, Philipp Schulte wrote:
> No, using the kernel capabilities (http://pw1.netcom.com/~spoon/lcap/)
> can give an additional layer of security. One can't simply "chattr -i"
> if the specific capability has been removed.
Note that the *BSDs have 'securelevel' settings that allow immutable to
be turned on in any securelevel state, but can only be turned off in an
insecure state.
As a hint, I would love to see similar support for Securelevels in the
Linux kernel, perhaps implemented through an LSM interface. (I've been
meaning to do it myself, but .. there isn't enough time in each day. So,
I offer it as a fun yet hopefully small project for those interested in
kernel programming. :)
Cheers!
-- Find out why the United States jailed a Russian citizen over a lecture: http://www.anti-dmca.com/
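Added example, not part of the original message or of lcap: a Python audit of which processes could still clear the immutable flag, for the capability removal discussed in the quoted text. It assumes a kernel that reports per-process CapPrm/CapEff/CapBnd masks in /proc/<pid>/status; the function names and the sample status text are constructed for illustration.

```python
import glob

CAP_LINUX_IMMUTABLE = 9  # bit index from <linux/capability.h>; gates chattr +i/-i
CAP_FIELDS = ("CapPrm", "CapEff", "CapBnd")

def parse_status(text):
    """Pull Name, Pid and the hex capability masks out of /proc/<pid>/status text."""
    out = {}
    for line in text.splitlines():
        key, _, val = line.partition(":")
        if key in CAP_FIELDS:
            try:
                out[key] = int(val.strip(), 16)
            except ValueError:
                pass  # malformed mask: treat the field as missing
        elif key in ("Name", "Pid"):
            out[key] = val.strip()
    return out

def immutable_state(text):
    """'effective': can clear the flag now; 'obtainable': still in the permitted
    or bounding set; 'removed': gone from all three; 'unknown': masks missing."""
    f = parse_status(text)
    if not all(k in f for k in CAP_FIELDS):
        return "unknown"
    bit = 1 << CAP_LINUX_IMMUTABLE
    if f["CapEff"] & bit:
        return "effective"
    if (f["CapPrm"] | f["CapBnd"]) & bit:
        return "obtainable"  # raise from permitted, or regain via a privileged exec
    return "removed"

def audit(proc_root="/proc"):
    """List (pid, name, state) for every process that has not lost the capability."""
    findings = []
    for path in sorted(glob.glob(proc_root + "/[0-9]*/status")):
        try:
            with open(path) as fh:
                text = fh.read()
        except OSError:
            continue  # process exited between glob and open
        state = immutable_state(text)
        if state != "removed":
            f = parse_status(text)
            findings.append((f.get("Pid"), f.get("Name"), state))
    return findings

# Constructed sample: a root shell whose masks all have bit 9 cleared.
SAMPLE_DROPPED = "Name:\tbash\nPid:\t4242\nCapPrm:\t000001fffffffdff\nCapEff:\t000001fffffffdff\nCapBnd:\t000001fffffffdff\n"
```

Running audit() as root on a host where the capability was dropped early in boot should return an empty list; any entry is a process that can still undo the immutable bit or regain the ability to.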