On Sun, Jun 17, 2001 at 07:55:40PM -0800, Ethan Benson wrote:
a bit. lids makes system adminsitration utterly impossible. unless
you leave enough holes open which an attacker can use to bypass it
all.
well nearly...
at least you can prevent new or unknown process/files from acessing stuff.
If there is an exploit for an existing piece of software you are back at
square one.
The advantage is extremely granular control: a program at a specific inode
can be given capabilities while everything else has them refused.
the disadvantage is that you end up with a million little holes (complexity)
fortunately the files that have these added capabilities are also
protected (from trojaning - buffer overruns etc still work)
the thing is once you make exceptions for the system adminsistrator to
use to maintain the you open the holes the attacker needs to trojan
your system and to remove the additional obsticales you installed.
yes it is possible with lids, but it is a _lot_ harder:
processes can be hidden.
binaries RO (trojaning is difficult)
logs append
/etc/somefile can only be read when you allow it.
system adminsitrator == root
cracker == root
cracker==root sysadmin==root+LIDS_password
if someone can sniff me typing in my lids password (encrypted in the kernel)
then I am stuffed.
In short Lids can be a pain to set up, but would also be a pain to crack,
especially if the cracker doesn't know exactly which rules I have set up.
a good cracker could do it.
btw I notice that they are still working on fork bomb protection. that would
be nice :)
--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
