[rsbac] kernel user management questions

Dmitry V. Levin ldv at altlinux.org
Thu Feb 3 16:44:23 CET 2005


On Thu, Feb 03, 2005 at 09:58:54AM +0100, Amon Ott wrote:
> On Donnerstag 03 Februar 2005 06:03, sftf at yandex.ru wrote:
> >   Will you be so kind as to answer on couple questions?
> >    1. What benefits of "in-kernel user management" against
> >      traditional Linux user management subsystem?
> The traditional Linux user management, specially the common 
> passwd/shadow scheme with PAM, has several security problems:
> 2. No granularity:
> If a process has access to sensitive account or even authentication 
> data of one user, it has access to the same for _all_ users in the 
> system, even the administration accounts.
> 3. Changing passwords:
> Because of 2., a program which allows password changes by the user 
> (usually passwd), also has access to all passwords. An admin account 
> which is allowed to set new passwords for normal users, who tend to 
> forget their passwords, can do the same for any user - including 
> other admins. This means this admin can get access to all other admin 
> accounts, even if direct access is not allowed through RSBAC access 
> control.
> 4. Password attacks:
> As encrypted passwords are readable for too many processes, they can 
> be guessed via dictionary attacks. Worse, the old crypt is easy to 
> crack, and even the MD5 replacement is rumoured to be attackable with 
> databases of precomputed MD5 strings.

You can fix these issues in userspace with alternative shadowing scheme,
see http://www.openwall.com/tcb/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.rsbac.org/pipermail/rsbac/attachments/20050203/9d772a0c/attachment.bin

More information about the rsbac mailing list