Re: per session access to drives

Dan Merillat (
Tue, 13 May 1997 04:20:57 -0400 writes:
> I am attempting to implement a security policy for my machine which i
> like to think of as "neutering root".

I.E. "I can't acutally DO anything on this machine, because I accidentally
nuked /bin and /sbin, but I assume that nobody is smart enough
to be able to replace them."

> The basic idea is simple...dangeerous(and sometimes not so dangerous)
> system utilities can be made completely unavailable to the system by
> locating them on encrypted loop devices.those facilities so located
> can be switched out of the syustem at anytime by simply unmounting
> the loop device.this is incredibly more secure than the joke which
> is unix file permissions/group access, yet still maintains complete
> compatibility with it.

Ok, your point being? You could also stick them on a zip drive and hit
the "eject" button. Same diff. If you are telneted in to the box and
mount the crypted loop, DAMM! there goes your password.

> so, eg, there is one loop device which holds the compiler and development
> tools, another than contains most of the utilities in the sbin directories,
> another for net stuff, etc.

So by making it difficult to do anything on the system, you assume it's

> imagine the hackers' surprise upon breaking into your web server as root
> and finding that basic facilities like ls, cp, mv, etc are not available
> on the system, and that there is no way to either compile them or place
> them there.what fun!

Gee, upon seeing that, I immediatly thought of a way to put them there.

bash$ xargs -n 1 | xargs -i echo -en \\{\}

Paste in the following:
- --- snip ---
164 150 151 163 040 143 157 165 154 144 040 142 145 040 141 040
142 151 156 141 162 171 054 040 163 145 145 072 040 001 002 003
012 012

- --- snip ---

Bet you never thought of that? I'm assuming you got rid of uudecode
(and everything that does uudecode) perl, (There goes most of your CGI's)
tcl, expect... anything that could be used to write a decoder/FTP program.

BTW: generate "shell-FTP" you need to paste in by:
od -b | cut -c 9- < /usr/bin/ftp

> further...this would allow the system users to have their home directories
> set up on encrypted loop devices and thus unaccessible in a substantial
> and real sense to anyone else on the system... even root.

Except root has been compromised and is happily sniffing their passwords,
ho hum.

Oh, except the "evil haqquers" got bored and did a "cat /dev/urandom >
/dev/sda ; cat /dev/zero > /proc/kcore" Oh well, you can always learn
from your mistakes.

In short, you are imagining security... there are a million ways to get
around the "protection" you proposed... so unless you rm -rf /, your
system is vulnerable.

encrypted loopback is useful for storing things (semi) securely, but not for
anti-intruder security

- --Dan

------- End of Forwarded Message