[rsbac] WorkStation kernel

kang kang at rsbac.org
Wed Sep 21 16:01:08 CEST 2005


Andrea Pasquinucci wrote:

>Hi all,
>
>I have uploaded to http://fedora.rsbac.mprivacy-update.de/4_ws/ an 
>rpm of a compiled kernel + rsbac_admin tools and an rpm for configuration 
>scripts et al, for a very simple workstation setup running Fedora Core 4.
>
>There is no MAC protection but only DAZ, RES, PAX and FF modules. My
>aim is to protect normal workstation users from
>
>- buffer overflows and similar (PaX)
>- exhaustion of resources (RES)
>- viruses, worms and similar (DAZ + clamd)
>
>Each user can add simple MAC features using the FF module.
>
>There are major constraints in this setup: it must be compatible with 
>the distribution and must require _no_ user intervention to setup, only 
>automatic tools.
>
>NOTICE: this is really VERY PRELIMINARY (for example I haven't yet 
>understood why flash doesn't work anymore in firefox, nor added any RES 
>protection yet).
>
>TEST at your own risk, but if anyone is interested, please help.
>
>Andrea
>
>PS. more info in the README and INSTALL files there
>

Hi!
I don't use Fedora but I've been looking a bit through your scripts.
First thing is, in etc/rc.d/init.d/clamd.rsbac I see:
 su secoff -c "/usr/local/rsbac/bin/attr_set_fd DAZ FD daz_scanner 1 /usr/sbin/clamd

But I haven't seen anything like booting into softmode and reverting to
secure mode after boot is complete.
Well, that probably means you let root change to the secoff user?
That's bad! :)
No one should be able to use secoff without the secoff password because
it's the key to privilege separation. Actually, we usually deny su to
setuid and you have to log in with secoff on the console or with ssh.

I've the same comment about your rsbac_daz_flush_wrapper.c, which does
setuid(400).

Else nice work, I would be happy to see Fedora people using a full
preworking rsbac setup for their desktop :)

kang
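
An added illustration of the two points raised in this reply (not part of the post and not RSBAC project code): a small audit that lists where scripts run `su secoff` and where C wrappers call `setuid(400)`, so each place root can become the security officer without the secoff password is visible before packaging. The function names and the sample tree are constructed for this example, and treating uid 400 as the secoff uid is an assumption.

```shell
#!/bin/sh
# Added example. The account name and uid are taken from the message above;
# treating uid 400 as the secoff uid is an assumption.
SECOFF_USER="${SECOFF_USER:-secoff}"
SECOFF_UID="${SECOFF_UID:-400}"

# report FILE KIND ERE: print FILE:LINE:KIND for each non-comment line matching ERE.
report() {
    grep -InvE '^[[:space:]]*(#|//)' "$1" | grep -E "$3" | cut -d: -f1 |
        while read -r n; do printf '%s:%s:%s\n' "$1" "$n" "$2"; done
}

# audit_secoff_switch DIR: list unauthenticated switches to the security officer.
audit_secoff_switch() {
    find "$1" -type f | sort | while IFS= read -r f; do
        case "$f" in
            *.c|*.h) # set*uid() call with the secoff uid among its arguments
                report "$f" setuid-to-secoff \
                    "set(e|re|res)?uid[[:space:]]*\\(([^)]*[^0-9])?${SECOFF_UID}[^0-9]" ;;
            *)       # "su [options] secoff" run from a script
                report "$f" su-to-secoff \
                    "[^[:alnum:]_]su[[:space:]]+(-[^[:space:]]*[[:space:]]+)*${SECOFF_USER}([[:space:]]|\$)" ;;
        esac
    done
}

# make_sample_tree: build a constructed test tree and print its path.
make_sample_tree() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc/rc.d/init.d" "$d/src"
    cat > "$d/etc/rc.d/init.d/clamd.rsbac" <<'EOF'
#!/bin/sh
# a comment that mentions su secoff is not a finding
su secoff -c "/usr/local/rsbac/bin/attr_set_fd DAZ FD daz_scanner 1 /usr/sbin/clamd"
EOF
    cat > "$d/src/rsbac_daz_flush_wrapper.c" <<'EOF'
#include <unistd.h>
int main(void) {
    // constructed body around the setuid(400) call named in the message
    if (setuid(400) != 0) return 1;
    return 0;
}
EOF
    printf 'int f(void) { return setuid(4000); }\n' > "$d/src/other.c"
    printf '%s\n' "$d"
}
```

Run `audit_secoff_switch "$(make_sample_tree)"` to see one `file:line:kind` record per finding; point it at an unpacked package tree to audit real scripts.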


