[rsbac] kernel user management questions
Dmitry V. Levin
ldv at altlinux.org
Thu Feb 3 16:44:23 CET 2005
Hi,
On Thu, Feb 03, 2005 at 09:58:54AM +0100, Amon Ott wrote:
[...]
> On Thursday 03 February 2005 06:03, sftf at yandex.ru wrote:
> > Will you be so kind as to answer a couple of questions?
> > 1. What are the benefits of "in-kernel user management" over the
> > traditional Linux user management subsystem?
>
> The traditional Linux user management, especially the common
> passwd/shadow scheme with PAM, has several security problems:
>
[...]
> 2. No granularity:
> If a process has access to sensitive account or even authentication
> data of one user, it has access to the same for _all_ users in the
> system, even the administration accounts.
>
> 3. Changing passwords:
> Because of 2., a program which allows password changes by the user
> (usually passwd), also has access to all passwords. An admin account
> which is allowed to set new passwords for normal users, who tend to
> forget their passwords, can do the same for any user - including
> other admins. This means this admin can get access to all other admin
> accounts, even if direct access is not allowed through RSBAC access
> control.
>
> 4. Password attacks:
> As encrypted passwords are readable for too many processes, they can
> be guessed via dictionary attacks. Worse, the old crypt is easy to
> crack, and even the MD5 replacement is rumoured to be attackable with
> databases of precomputed MD5 strings.
You can fix these issues in userspace with an alternative shadowing scheme,
see http://www.openwall.com/tcb/
--
ldv
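The granularity argument in points 2 and 3 above, and the reply's claim that a per-user shadow layout addresses it without kernel support, can be checked against plain Unix discretionary access control. The following is an added example, not code from this thread, from RSBAC or from the tcb package: it evaluates the usual owner/group/other mode bits over two in-memory layouts and reports which users' password hashes a given process can read. The classic layout is a single /etc/shadow readable by root and group shadow, with passwd running SUID root. The per-user layout is an assumption modelled on the tcb design (a /etc/tcb directory searchable only by group shadow, one directory per user owned by that user and group auth, with a 0640 shadow file inside, passwd running SGID shadow, and authentication helpers running with group auth); the uids, gids and user names are constructed for the example and the exact modes are not verified against any particular tcb release.

```python
# Added example: Unix DAC evaluated over two shadow layouts to compare the
# granularity of the classic /etc/shadow scheme with a tcb-style per-user
# layout. Not code from the thread, RSBAC or tcb; the tcb layout below is an
# assumption modelled on the tcb design, and all ids are constructed.
from dataclasses import dataclass, field

ROOT, ALICE, BOB = 0, 1000, 1001                  # constructed uids
GRP_ROOT, GRP_SHADOW, GRP_AUTH = 0, 42, 43        # constructed gids
USERS = {"alice": ALICE, "bob": BOB, "root": ROOT}
R, W, X = 4, 2, 1


@dataclass
class Node:
    uid: int
    gid: int
    mode: int                                     # permission bits only, e.g. 0o640
    children: dict = field(default_factory=dict)  # name -> Node for directories


@dataclass(frozen=True)
class Proc:
    uid: int
    gids: frozenset                               # effective/supplementary gids


def mknode(parent, name, uid, gid, mode):
    node = Node(uid, gid, mode)
    parent.children[name] = node
    return node


def permitted(node, proc, want):
    """Classic Unix DAC: owner bits if the uid matches, else group bits if the
    gid is one of the process's groups, else other bits. uid 0 is treated as
    having CAP_DAC_OVERRIDE, which is what makes SUID-root passwd all-seeing."""
    if proc.uid == 0:
        return True
    if proc.uid == node.uid:
        bits = (node.mode >> 6) & 7
    elif node.gid in proc.gids:
        bits = (node.mode >> 3) & 7
    else:
        bits = node.mode & 7
    return bits & want == want


def can_read(root, path, proc):
    """Every directory on the path needs search (x); the file itself needs r."""
    parts = [p for p in path.split("/") if p]
    node = root
    for name in parts[:-1]:
        if not permitted(node, proc, X):
            return False
        node = node.children[name]
    if not permitted(node, proc, X):
        return False
    return permitted(node.children[parts[-1]], proc, R)


def traditional_layout():
    """One /etc/shadow, root:shadow 0640: every hash lives in the same file."""
    root = Node(ROOT, GRP_ROOT, 0o755)
    etc = mknode(root, "etc", ROOT, GRP_ROOT, 0o755)
    mknode(etc, "shadow", ROOT, GRP_SHADOW, 0o640)
    return root, {u: "/etc/shadow" for u in USERS}


def tcb_layout():
    """Assumed tcb-style layout: /etc/tcb root:shadow 0710, then one directory
    per user (user:auth 0710) holding that user's shadow file (user:auth 0640)."""
    root = Node(ROOT, GRP_ROOT, 0o755)
    etc = mknode(root, "etc", ROOT, GRP_ROOT, 0o755)
    tcb = mknode(etc, "tcb", ROOT, GRP_SHADOW, 0o710)
    paths = {}
    for name, uid in USERS.items():
        home = mknode(tcb, name, uid, GRP_AUTH, 0o710)
        mknode(home, "shadow", uid, GRP_AUTH, 0o640)
        paths[name] = f"/etc/tcb/{name}/shadow"
    return root, paths


def readable_hashes(layout, proc):
    """Sorted names of the users whose password hash `proc` can read."""
    root, paths = layout
    return sorted(u for u, p in paths.items() if can_read(root, p, proc))


if __name__ == "__main__":
    # passwd in the classic scheme is SUID root: it sees every user's hash.
    print("classic, passwd as SUID root:",
          readable_hashes(traditional_layout(), Proc(0, frozenset({ALICE}))))
    # tcb-style passwd run by alice is only SGID shadow: it sees alice's hash.
    print("tcb, passwd as alice+shadow:",
          readable_hashes(tcb_layout(), Proc(ALICE, frozenset({ALICE, GRP_SHADOW}))))
    # an authentication helper with group auth (and shadow to search /etc/tcb)
    # can still verify anyone's password.
    print("tcb, auth helper:",
          readable_hashes(tcb_layout(), Proc(65534, frozenset({GRP_SHADOW, GRP_AUTH}))))
```

The point the model makes visible is that the per-user layout lets the password-changing program drop root entirely: with only the user's own uid and group shadow it can reach exactly one file, so a flaw in passwd, or an admin allowed to run it for others, no longer exposes every account's hash, while the components that legitimately need to verify any password are the only ones carrying group auth.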