work given some additional privilege, or
>is this fundamentally disallowed?
>
>(BTW, I realise that this is all possible if the door server runs in the
>global zone. I'm trying to get maximum containment of a trusted function.)
>
>Thanks
>
>Mike
>
>_________
iscuss-request at opensolaris.org?subject=unsubscribe>
>List-Id: OpenSolaris Security Discussions
>
@@@@@@@@@@
Jan Parcel, Sustaining, Trusted OE
Internal Trusted Support Pages: http://trusted.sfbay
since I see only a
>violet color on the screen.
>
>The different workplace zone cloned from 'public' works.
>
>Any idea?
>
>--
>Piotr Jasiukajtis | estibi | SCA OS0072
>http://estseg.blogspot.com
ists in all zones and make sure you are patched up and and.
>Thanks,
>Dan
>
>
>--- On Wed, 11/2/09, Jan Parcel wrote:
>
>> From: Jan Parcel
>> Subject: Re: TX on b105 - network config
>> To: security-discuss at opensolaris.org, danjagor at yahoo.co.uk
ow, after
>that
setting session clearance... and that's it
>
>Can't find any suspicious log or information why.
>
>Many thanks,
>Dan
>--
>This message posted from opensolaris.org
zones does not appear to umount passwd and shadow.)
>>
>>
>>
>>> -- Jeff
file is specifically not cached.
getspnam(3C) calls remain uncached as a result.
dt, apache configuration, lots of things come to
mind.
oving /usr/bin/passwd from the labeled zones is that
it operates on the local end, instead of the global zone shadow file, so
any changes get overmounted or discarded or something next zone reboot.
(I have been unable to check the exact mechanism here because shutting down
the zones does not appear to umount passwd and shadow.)
>-- Jeff
y to resolve this issue? Thanks.
>
>I am running OpenSolaris 2008.11 on a 64-bit VMWare Server 1.0.8 guest.
>--
functionality for TX to serve as a gateway between
>multiple multi-label networks.
>Fernando
>
>
The assumption that things are under single administration is a huge problem
for my customers. The whole point of all this protection and security
and labeling is the post-9/11 requirements for cooperation BETWEEN
administrative departments, which means each one wants to gate between
themselves
the libraries called by suid binaries, so these DID get more
security attention than non-suid binaries.
I have seen some sites where they create a rootuser user for the
root role, or a site_admin user for the admin role.
This defeats the purpose of roles!
You can give rights and privileges to users anyway, the reason to
give them to a role instead is so that you know exactly which human
being did
What is meant by TX43 ?
When did the expanded nscd go into Open Solaris?
>Date: Fri, 05 Oct 2007 13:46:40 -0400
>From: Ken Powell
>Subject: Re: [security-discuss] TX43 with Multiple Network Interfaces?
>To: Ira Bargon III
>Cc: security-discuss at opensolaris.org
>Ira Bargon III wrote:
>>> The
l boot. But for that, you'd need to look at the future
txzonemgr release.
>Date: Wed, 03 Oct 2007 07:42:52 -0700 (PDT)
>From: Jan Parcel
>Subject: Re: [security-discuss] TX43 with Multiple Network Interfaces?
>To: ira.bargon at gmail.com, security-discuss at opensolaris.org
>
>This is why I thought the local zone is directly contacting the
>global zone's LDAP server.
>
>Am I misinterpreting the documentation? Should my local zone be a
>ldap client of the global zone's LDAP server?
>
>Thanks,
>Ira
>On Oct 2, 2007, at 11:43 PM, Jan Parcel wrot
The normal design is that the local zones contact the global zone,
which does the work after judging label dominance and privs etc.
This is done via nscd aka /services/name-service-cache. The
local zones don't contact the ldap server directly.
If the local zones are not getting whatever informa
But it's not necessary for files, and CANNOT run without ldap,
so the man page should not make it sound like it is needed for files.
>Date: Mon, 01 Oct 2007 18:04:19 -0700
>From: Jarrett Lu
>Subject: Re: [security-discuss] tnd dependency of ldap-client
>To: Jan Parcel
>Cc:
This sounds like a documentation bug. The man page makes tnd sound like
it's the same as Trusted Solaris 8, so I had the same confusion (except
I had the confusion without the man page, since I'm a TS8 person)
File a man page bug?
>Date: Mon, 01 Oct 2007 09:26:10 -0700
>From: Glenn Faden
>
A workaround patch is available on SunSolve.
A better fix is in progress for later patching.
>Date: Wed, 12 Sep 2007 07:24:54 -0700 (PDT)
>From: Jan Parcel
>Subject: Re: [security-discuss] Changing password
>To: esmith at delex.com, Glenn.Faden at sun.com
>Cc: secu
>This may be related to:
>
> CR 6562771 getspnam(3C) requires more than all privs
>
>
>What version of TX are you running? A patch has been generated for this
>problem, and I think it is now available on Sunsolve.
The patch is in progress and will not be available for awhile. The
fix is putback
Some networking programs and/or code require INADDR_ANY, which
is #defined to 0.0.0.0, to be usable (it is not a real address, so it is not
insecure in itself) but tnrhdb uses 0.0.0.0 as 4 wildcards, so it is insecure.
So if you can have EXACTLY 0.0.0.0 be admin_low but NOT have it mean *.*.*.*
t
>Jarrett
>
>Yes I assigned the user scott the net_bindmlp priv in the SMC so its
>"always on" so to speak.
I don't think you can do "always on"
You can only assign it to scott when running listed programs. Even "all" is
only a certain list (which can be added to.)
If one of your programs is n
>What if I want a unique IP address per local zone, does that require
>not having any interface marked as 'all-zones'?
Also, this is a very difficult configuration, unless all addresses are
on the same subnet. It requires additional routing scripts that
run after zones boot, and other tinkerin
er (for printing and nfs)
11.2.3.4 (public zone) sunhost-public (or maybe some other name,
like "sfbay-wiki")
192.168.2.3 (need to know zone) sun-financials
>On May 18, 2007, at 1:06 PM, Jan Parcel wrote:
>
>> The hostname for t
The hostname for the local zone must be the same as the all-zones address,
really there's no such thing as an address "in the global zone" for
all-zones, it's really in all zones.
The additional address in the local zone must be *additional* it cannot
be the hostname.
>Date: Fri, 18 May 2007 09:
The recommended method for transferring files is tar (using the T option)
-- the TX tar has been specially coded to understand TS8 tar T files.
Given that they're both CIPSO you can ftp the tar T file.
There are recent TS8 tar patches, you'll want to get those.
The file systems are different,
that introduce new network features?
I'll let someone more familiar with the all-zones bug answer any further
questions.
>Date: Wed, 11 Apr 2007 13:16:21 -0700 (PDT)
>From: Jan Parcel
>Subject: Re: [security-discuss] Labeled Zones in TX on different subnets?
>To: security-discuss a
The problem is probably that your choices do not go with the all-zones
interface.
The all-zones interface is for when you do NOT want different ip addresses
for each zone, or when you don't want different ip addresses for each
labeled zone.
Under "Associating Network Interfaces with Zones" it say
Wow, great intro! Especially what NOT to do.
I'm a little concerned about the wording
"Trusted Extensions takes the concept of a local-zone and puts a clearance
framework around it."
This is so clear, I'd hate to ruin it, but putting a clearance framework
around it isn't all that was done --
>On Monday, February 26, 2007 03:38:16 PM -0800 Darren.Reed at Sun.COM wrote:
>
>> If Microsoft can hide usernames and passwords in their
>> registry in a manner that defeats at least casual browsing,
>> what can we do?
>
>Putting something in the registry does not defeat casual browsing; if you
I've heard from old-old-oldtimers, back in the epoxy-disk days, that
even after this type of erase the old epoxy disks could sometimes be
read via etching combined with electron microscopes -- the (relatively) new
sputtered aluminum finishes probably changed that. So back in the epoxy days,
disks
>I think we're close to a direction. I definitely agree this should be
>an authorisation and not something set in /etc/default/passwd. The only
>case where I think this may be bad is with certain customers
>(financial, government, etc) may not like this default behaviour. Some
>customers don't wan
lo0:1:
>>> flags=2001000849 mtu
>>> 8232 index 1
>>> inet 127.0.0.1 netmask ff00
>>> ni0:3: flags=1000843 mtu
>>> 1500 index 2
>>> all-zones
>>> inet 172.16.0.4 netmask broadcast 172.16.255.255
>>>
>>> Now, I may be missing something