Re: thoughts on kernel security issues

From: Valdis . Kletnieks
Date: Wed Jan 26 2005 - 19:12:05 EST


On Wed, 26 Jan 2005 14:31:00 EST, John Richard Moser said:

> [*] Grsecurity
> Security Level (Custom) --->
> Address Space Protection --->
> Role Based Access Control Options --->
> Filesystem Protections --->
> Kernel Auditing --->
> Executable Protections --->
> Network Protections --->
> Sysctl support --->
> Logging Options --->
>
> ?? Address Space Protection ??
> [ ] Deny writing to /dev/kmem, /dev/mem, and /dev/port
> [ ] Disable privileged I/O
> [*] Remove addresses from /proc/<pid>/[maps|stat]
> [*] Deter exploit bruteforcing
> [*] Hide kernel symbols
>
> Need I continue? There's some 30 or 40 more options I could show. If
> you can't use your enter, left, right, up, y, n, and ? keys, you're
> crippled and won't be able to patch and unpatch crap either.

Just because I can use my arrow keys doesn't mean I can find which part of
a 250,000 line patch broke something.

If it's done as 30 or 40 patches, each of which implements ONE OPTION, then
it's pretty easy to play binary search to find what broke something.

And don't give me "it doesn't break anything" - in the past, I've fed at least
2 bug fixes on things I found broken back to the grsecurity crew (one was a
borkage in the process-ID-randomization code, another was a bad parenthesis
matching breaking the intent of an 'if' in one of the filesystem protection
checks (symlink or fifo or something like that)).
