4802789 2000-02-16 02:21 /80 lines/ Postmaster
Recipient: Bugtraq (import) <9800>
Subject: ANNOUNCE: Medusa DS9 security system
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Message-ID: <Pine.LNX.4.20.0002151638370.4039-100000@marsquake.terminus.sk>
Date: Tue, 15 Feb 2000 17:38:49 +0100
From: Milan WWW Pikula <www@BANAN.NAPRI.SK>
X-To: medusa@medusa.fornax.sk, linux-kernel@vger.rutgers.edu, securedistros@nl.linux.org, bugtraq@securityfocus.com, security@rak.isternet.sk, linux@linux.cz, linux-security@redhat.com
To: BUGTRAQ@SECURITYFOCUS.COM

Greetings,

I'd like to announce the release of the stable version of the security system Medusa DS9. Its purpose is to increase the security of the Linux OS. Medusa is one of the projects of the Slovak Linux user group (SkLUG). It can be downloaded at http://medusa.fornax.sk/

Medusa consists of two major parts - Linux kernel changes and the user-space daemon. The kernel changes do the monitoring of syscalls, filesystem actions and processes, and they implement the communication protocol. The security daemon communicates with the kernel using a character device to send and receive "packets". The daemon contains the whole logic and implements the concrete security policy. That means that Medusa can (as opposed to other approaches) implement any model of data protection - it depends only on the configuration file, which is in fact a program in the internal programming language, somewhat similar to C.

At the logical level there are these changes:

* separation of processes, files and IPC into independent groups (virtual subsystems)
* ability to detect, disable or modify any system call from any process
* ability to detect, ... selected "process actions" like sending signals, exec, ...
* ability to detect, redirect, ... selected file actions, such as access to a file and so on
* ability to force a process to execute arbitrary code. This feature is useful to enforce logging from that process and so on.

I'd like to answer some frequently asked questions here:

Q: What is the relation between Medusa and capabilities?
A: Medusa SUPPORTS Linux capabilities and can test, set or change them.

Q: How noticeable is the slowdown of this communication between the kernel and the user-space daemon in real usage?
A: Actually it's imperceptible. Medusa was designed with the question of speed in mind, so all information is stored in the kernel. You can specify exactly which actions you need to be watched. On the real servers with about 50 shell-account users, where we test Medusa, the traffic is about 11 packets per second or less. The fact that the daemon is in userspace gives it comfort in deciding about security reasons and it increases the portability of the whole system. (BSD? :)

Q: Where does it work?
A: Linux 2.2.13, 2.2.14, Intel. SMP is not fully tested, but it's reported to work. We are working on an Alpha port and other platforms will follow.

Q: Where can I find more information?
A: At http://medusa.fornax.sk/ and in the ``doc'' subdirectory in the source package.

Kind regards,
Medusa development team
Marek Zelem
Martin Ockajak
Milan Pikula

--
Milan Pikula, WWW. Finger me for Geek Code.
http://fornax.elf.stuba.sk/~www, www@fornax.elf.stuba.sk
.. give me a leased line and I'll move the globe ..
(4802789) ------------------------------------------

4807835 2000-02-17 11:11 /37 lines/ Postmaster
Recipient: Bugtraq (import) <9822>
Subject: Re: ANNOUNCE: Medusa DS9 security system
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Message-ID: <Pine.LNX.4.21.0002152205430.7827-100000@eckhart.stderr.org>
Date: Tue, 15 Feb 2000 22:32:39 -0600
From: elijah wright <elw@DNS1.STDERR.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.20.0002151638370.4039-100000@marsquake.terminus.sk>

> communicates with the kernel using character device to send and receive
> "packets". Daemon contains the whole logic and implements the concrete
> security policy. That means, that medusa can (as opposite to another

[...]

> * ability to enforce process to execute an arbitrary code. This feature
> is usefull to enforce logging drom that process and so.

the fact that your program has both a userspace and a kernel-space component makes it almost immediately suspect as "vulnerable". kind of funny for me to get to reply to a "security tool" announcement with a notice-of-warning.

has the source to the userspace module been audited yet? hopefully by someone other than the authors?

that last part sounds like it might make, with a few mods, a great 3l33t h@x0r tool :) perhaps it might be most useful to someone good enough to get a rootshell but not good enough to hack away at the process table by themselves.

all in all, this thing scares me.

elijah

(4807835) ------------------------------------------ (Rewrapped)