OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: RFD: security-newbie mailing list
From: Kurt Seifried (listuserseifried.org)
Date: Fri Aug 11 2000 - 23:11:38 CDT


> "Is this <config> secure?" is, perhaps, off-topic. But the
> differences between "<config>" and "<program>" are, in a lot of
> cases, often barely beyond trivial, especially when it provides
> interesting target-practice, or at least a potentially instructive
> "straw man".
>
> A novel side-charter for this list might include an aim to
> formalise various "obvious" topics that have been collectively
> deemed beneath us. How might we semi-mathematically explain
> the strengths and weaknesses of:

This is one aim of the Linux Security Knowledge Base.
http://www.securityportal.com/lskb/articles/
 
> * Linux "capabililies" (really privileges, but we knew that)
> * chroot
http://www.securityportal.com/lskb/articles/kben10000031.html

http://www.securityportal.com/lskb/articles/kben10000040.html
http://www.securityportal.com/lskb/articles/kben10000041.html
and many other articles that cover chrooting specific daemons (bind, etc.)

> * root vs non-root
this deserves an article.

> * "careful" (eg. nosuid,noexec) fs mounting
http://www.securityportal.com/lskb/articles/kben10000036.html

-Kurt