Implementation questions


From: "Paul D. Robertson" <proberts@clark.net>
Subject: Implementation questions
Date: Wed, 13 Jan 1999 14:58:15 -0500 (EST)

Next Article (by Subject): Re: Implementation questions ao@morpork.shnet.org (A. Ott)
Previous Article (by Subject): Further RC changes? ao@morpork.shnet.org (A. Ott)
Next in Thread: Re: Implementation questions ao@morpork.shnet.org (A. Ott)
Articles sorted by: [Date] [Author] [Subject]


On 11 Jan 1999, A. Ott wrote:

> The problem magically disappeared when I ported to 2.2.0-pre6.

I'm looking to bring this port up soon.

Now I'm about ready to start playing, I have some scenerios that I'd like 
feedback on prior to implementation.  

Scenerio 1:

DNS/SMTP/POP server.  Ultimately, I'd like to be sure that neither the SMTP 
or DNS server's compromise could lead to shell access under any 
circumstances.  I'd also like to restrict configuration file changes to a 
limited group of people who could only change those files that are 
necessary, but with an audit of what was changed and when.  

Scenerio 2:

HTTP server.  As with the above, I'd like to restrict compromise to the 
running server itself.  I'd also like to have per-Web user/group access 
security on the content under some directory trees.  Per-user/group CGI 
restrictions and the ability to stop a CGI programmer from giving a shell 
would also be nice.  Ultimately, user permissions (shell, read/change, 
etc.) would also be based on some sort of trusted path or IP scheme 
(possibly per-interface in its most rudimentry form)

I think both of these can be done with MAC level authorizations and 
authentications on traditional B-? systems.  What I'm looking for here is 
some suggestions on an approach with RSBAC, what pieces I have now, what 
I should wait for, and how easy it's going to be to configure and maintain.

Scenerio 2 seems to be the most useful to me at the moment, as I think 
real-world secure Web servers executing untrusted content is a serious 
void.  If we can get Apache to play nicely with RSBAC, there's potential 
for such systems.


Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts@clark.net      which may have no basis whatsoever in fact."
                                                                     PSB#9280
-
To unsubscribe from the rsbac list, send a mail to
majordomo@morpork.shnet.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Subject): Re: Implementation questions ao@morpork.shnet.org (A. Ott)
Previous Article (by Subject): Further RC changes? ao@morpork.shnet.org (A. Ott)
Next in Thread: Re: Implementation questions ao@morpork.shnet.org (A. Ott)
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.