_puck_ Tux's lil' helper
Joined: 12 May 2002 Posts: 111 Location: Kaiserslautern / Germany
Posted: Sun Jan 16, 2005 12:05 pm Post subject: protecting files from root
Hello there.
I have a question regarding file access using modern Linux security enhancements. In a production environment it may be possible that even the administrator is not allowed to access all files on a certain system.
Is there any mechanism (SELinux, RSBAC, etc.) that could make that possible? And if so, I would be glad if someone could point me in the right direction as to how it could be done.
As an alternative it would be sufficient to have an access log, to prove who was accessing the files.
Am I alone with such requirements?
_________________
regards
puck
___________________________
#There is more than one way to do it.
Xerxes83 Tux's lil' helper
Joined: 20 Oct 2004 Posts: 127 Location: The Netherlands
Posted: Sun Jan 16, 2005 12:14 pm Post subject:
As you indicate, RBAC is your answer. I use grsecurity, which is a lot easier to install/configure than the other ones. See http://www.grsecurity.net/.
kill Apprentice
Joined: 25 Dec 2004 Posts: 179
Posted: Sun Jan 16, 2005 2:36 pm Post subject:
chattr with the i or u option should make root unable to delete a file. However, root can always remove the setting and then delete the file.
_puck_ Tux's lil' helper
Joined: 12 May 2002 Posts: 111 Location: Kaiserslautern / Germany
Posted: Sun Jan 16, 2005 3:30 pm Post subject:
Actually I'm searching for a way to prevent root from seeing the content of specific files and, more generally, from seeing directory content.
I would like to be able to administer the system, but not have any contact with the user data.
Thanks for the hint with the R(S)BAC. I made a UML kernel and will be testing it as soon as possible. Also I must note, the documentation in this area is not as far along as for other "new features".
I found this Gentoo-specific information:
http://www.gentoo.org/proj/en/hardened/grsecurity2.xml#doc_chap3
_________________
regards
puck
___________________________
#There is more than one way to do it.
Xerxes83 Tux's lil' helper
Joined: 20 Oct 2004 Posts: 127 Location: The Netherlands
Posted: Sun Jan 16, 2005 4:46 pm Post subject:
An example of hiding a directory from root would be (with grsecurity):
Code:
role root uG
subject / {
        /bin h
}
Of course this is part of a larger config, but it demonstrates how easy it is. The directory /bin will not be visible as root this way.
If you want to do more than just hide directories (and RBAC systems are intended to do more), you can give every process just the rights it needs to operate. In the case of grsecurity you only have to set the rights a program needs to have after it has started. This is because grsecurity is not started with the kernel but must be told to start enforcing the policy (so don't forget to add an init-script for that). If you want to administer your system you go into a special role. While in that role you and all the programs you start have the 'normal' root rights. As soon as you log out of the role, all programs you started while in the role will have their normal security policy in place again. This is needed if you, for example, want to restart a service (since a service might need certain rights during initialization which are no longer required afterwards). Fortunately, creating a policy for every program (read: service) is made relatively easy by grsecurity using the learning mode.
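A check for the kind of policy shown in the post above, as an added example that is not part of the thread or of grsecurity itself: it parses a simplified subset of the policy syntax (role, subject and object lines) and reports directories the root role can still see, including the case where a more specific object rule undoes a hidden parent. The sample policy, the function names and the longest-match rule are assumptions of this example.

```python
# Constructed sample in the style of the fragment above; the /home lines
# are assumptions added for illustration, not taken from the thread.
SAMPLE_POLICY = """
role root uG
subject / {
    /            r
    /bin         h
    /home        h
    /home/shared r
}
"""

def parse_policy(text):
    """Return {role: {subject: {object_path: mode}}} (simplified grammar)."""
    roles, role, subject = {}, None, None
    for raw in text.splitlines():
        tok = raw.split("#", 1)[0].split()
        if not tok:
            continue
        if tok[0] == "role" and len(tok) > 1:
            role, subject = roles.setdefault(tok[1], {}), None
        elif tok[0] == "subject" and role is not None and len(tok) > 1:
            subject = role.setdefault(tok[1], {})
        elif tok[0] == "}":
            subject = None
        elif subject is not None and tok[0].startswith("/"):
            subject[tok[0]] = tok[1] if len(tok) > 1 else ""
    return roles

def covers(rule, path):
    """True if object rule `rule` is `path` itself or one of its parents."""
    return path == rule or path.startswith(rule.rstrip("/") + "/")

def exposed_paths(policy_text, role, must_hide):
    """Return (protected_dir, deciding_rule, mode) for every rule that leaves
    the directory, or something below it, visible to the role's / subject."""
    objects = parse_policy(policy_text).get(role, {}).get("/", {})
    findings = []
    for protected in must_hide:
        # Assumption: the most specific (longest) matching rule decides.
        parents = [o for o in objects if covers(o, protected)]
        rule = max(parents, key=len) if parents else None
        if rule is None or "h" not in objects[rule]:
            findings.append((protected, rule, objects.get(rule, "")))
        # A more specific rule below the directory overrides the hide.
        for obj, mode in objects.items():
            if obj != protected and covers(protected, obj) and "h" not in mode:
                findings.append((protected, obj, mode))
    return findings

if __name__ == "__main__":
    for finding in exposed_paths(SAMPLE_POLICY, "root", ["/bin", "/home"]):
        print("not hidden:", finding)
```

On the sample, /bin passes and /home is flagged because /home/shared carries its own read rule.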
ai Apprentice
Joined: 21 Mar 2004 Posts: 227 Location: Poland, Krk
Posted: Sun Jan 16, 2005 6:24 pm Post subject:
RSBAC is a really powerful feature, and I advise you to give it a try.
For documentation just look here: http://rsbac.org/documentation/
at the section Articles (reverse order) (everything is in German)
_________________
just nothing