From: JW (jwcentraltexasit.com)
Date: Thu May 30 2002 - 18:25:46 CDT
-----BEGIN PGP SIGNED MESSAGE-----
Ok, this isn't exactly SuSE specific but it's for a SuSE system, so please bear with me.
The reason I'm interested in SE Linux (Re my previous few posts) is because it was suggested to me that I could use it to control what ports users have access to.
I'm a little confused. I've never dealt with this kind of severe security restriction before and I feel out of my league.
Here's what I'm trying to do.
I have system users who are jailed in a chroot.
They will all be running their own system -- i.e. their own software and daemons, but _not_ their own kernel (it's not VMware or usermode or anything like that)
They will each have their own IP address.
I have recompiled my kernel to allow common users to open ports < 1024 (yes, it works, yes, I'm a little crazy)
In my dreams at least, I'd like to be able to prevent all of the following:
1. They cannot access the host filesystem
It's my understanding that on Linux, processes will still be able to access the host system.
At least, I got that impression from an article I was reading on FreeBSD jailing, where processes _can't_ access the host system.
2. They cannot access any files anywhere except in their $HOME
Basically, something more than just chroot to keep them jailed away.
3. I want to be able to allow/disallow the ports they have access to.
4. I'd like to be able to prevent them from using any IP address but the ones allocated to them.
This is currently the worst problem. By default, everything they do (wrt the network) will attempt to use the base IP.
Some services like Apache can be set to use only one IP, which helps, and might be sufficient, but I wish really badly that I could set up something in the host system that would make it appear as if there's only 1 IP on the system (per user)
5. Processes should not be able to "see" or interact with the host's/other users processes and filesystems.
It was suggested to me that SE Linux would allow fine grained control over things like this, but I'm a little confused after reading some other things.
Can anyone offer any other suggestions/advice as to how I should go about this?
Have any of you done anything similar before?
Would you recommend any other form of system-wide access control besides SE Linux?
All advice, ideas and pointers appreciated.
Please don't hesitate to ask for clarification if I did a bad job explaining any particular point (I usually do :-/ )
Cedar Creek Software http://www.cedarcreeksoftware.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----