>> IP> A very better idea is to secure programs, and avoid programs running
as
>> IP> root.
>>
>> In ideal world - yes. In real world it does not work: programs are
created
>> by humans and thus holes are inavoidable in programs of decent size.
>I rather have a hole in my non-user running app then in some app that runs
>as root..
Is there any way to compromise root, via a buffer overflow or some other
means, even if the application using a non-previleged user id? Aren't there
situations where running a userland daemon requires root access. For
instance, arpd or a routing daemon (routed, gated) that needs be able to
write settings into the kernel?
Is it possible to configure the Linux kernel so that it is secure. If so,
what are your thoughts about including a configure option "make config" to
secure the kernel. So that unsecure functions were disabled when runnning in
mult-user mode? I understand this would break some userland apps (X,
multimedia apps, etc). However If your setting up a linux box as a firewall
or web server or a box that needs to very secure, I don't think these types
of apps would be installed anyway. Would there be really any need for direct
hardware access for a box serving as a firewall or Web server?
Would a "Sercure Kernel" compile option be an acceptable solution/compromise
to this issue?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:14 EST