here is a little idea we've been thinking about for the past 9
months or so. Security is always a major concern in all networks big and
small. There are recepices all over the net on how to smash buffers and
stacks of weekly designed code that could be running on my machine as we
speek.
All these "exploits" have one thing in common though. They give
root access, by copying an suid shell somewhere (or whatever) and that a
wiseguy out there could use this to telnet on my box as root (yes, I AM
paranoied).
We thought of an simple scheme to counter this. We could dynamicly
alocate the root ID. Meaning that somewhere in /proc, there is a file
awating to be edited and that could change the root ID (and all of the
processes that run whith this uid) from 0 to whatever I want, anytime,
without rebooting my system. I understand that this would imply making
some system calls lie about the actual ID's of the real root user, his
processes and owned files.
It could even be possible to register in /proc, all of the files
that root alows to be suid to him. Of course, all of the files on the disk
wouldn't have to change, and a user named root would still use uid 0, but
wouldn't have any special privileges.
I've studied the sources (and still am, aided by online documents
and books) and I find this feasible. Actually, I was planning to implement
this for my self. This is a lot of work (at least for me) and I was
woundering if anybody could give me some feedback on this idea. Am I out
of my mind, could this be something that the community would use or just
me, could this become an actual part of some version of the kernel, etc...
Any feedback on the subject would be very appreciated.
Thank you
Papi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/