Re: User?s and Shells
From: Nicole Nicholson (nanicholson@hotmail.com)
Date: 12/27/02
- Previous message: Jim Clarke: "Re: RE : quotas on Redhat 7.3 problem"
- Maybe in reply to: Brian Hatch: "Re: User?s and Shells"
- Next in thread: Zow: "Re: User?s and Shells"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Nicole Nicholson" <nanicholson@hotmail.com> To: focus-linux@securityfocus.com Date: Fri, 27 Dec 2002 07:44:57 -0800
Some other questions & thoughts on this subject...
(1) What ever became of sudo? I remember it being plagued with some
problems in the past. Has this become a reasonable alternative to give
non-privileged users the ability to execute privileged commands?
(2) CERT has source code for a "noshell" program for Solaris at:
http://www.cert.org/security-improvement/implementations/i049.02.html
I'm sure it can ported relatively easily.
(3) If you are REALLY serious about preventing privilege escalation, and
don't mind a little kernel hacking, you probably also want to be aware of
some of the "Trusted" OS projects.
SE Linux (compliments of our tax dollars):
http://www.nsa.gov/selinux/index.html
and TrustedBSD:
http://www.trustedbsd.org
These are not to be taken lightly. They are still in development but pose
an interesting solution to many of the core Unix security problems.
Cheers.
-Nicole
_________________________________________________________________
MSN 8: advanced junk mail protection and 3 months FREE*.
http://join.msn.com/?page=features/junkmail&xAPID=42&PS=47575&PI=7324&DI=7474&SU
http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_advancedjmf_3mf
- Next message: Zow: "Re: User?s and Shells"
- Previous message: Jim Clarke: "Re: RE : quotas on Redhat 7.3 problem"
- Maybe in reply to: Brian Hatch: "Re: User?s and Shells"
- Next in thread: Zow: "Re: User?s and Shells"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
