Re: Need some security advice for systemtap

Thanks for the response.  See stuff below.

Pavel Kankovsky wrote:
> On Mon, 4 Jun 2007, David Smith wrote:
>
>> One of the complaints we get from users is that we require root access
>> (using sudo) to install/remove the kernel module.  Large enterprise
>> customers typically don't give out sudo access to all admins.  So, they
>> would like a way to designate certain scripts/modules as "blessed", and
>> allow admins/developers/etc. without root access to run those "blessed"
>
> The easiest way to designate a certain script as "blessed" (and quite
> difficult to goof it up) is to let a trusted user take the source of the
> script, check it, make a kernel module, and install it into a designated
> directory on the target system (or systems), perhaps under

That's my current thinking. Seems easier from a user's point of view and less fragile from a security point of view.

> If you are afraid of allowing "untrusted admins" to run "sudo modprobe
> the_probe" (but not afraid of allowing them to run your own setuid root
> program) you can create something like "sustaprun" that will make it
> possible to load blessed modules (from the designated directory) only.

That's also my current thinking.  I'm trying to prototype this now.

David Smith
Red Hat
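The checks a "load only blessed modules from a designated directory" helper needs before it touches a module file, as an added example that is not part of the original message and not systemtap code. The function name `open_blessed`, the name pattern and the `owner` parameter are assumptions made for illustration; a setuid root helper would pass uid 0 and load from the returned descriptor rather than re-opening the path.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE /* openat(), O_NOFOLLOW, O_DIRECTORY on glibc */
#endif
#include <ctype.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Accept only [A-Za-z0-9_]+ followed by ".ko": no '/', "..", or dotfiles. */
static int name_ok(const char *name)
{
    size_t n = strlen(name);
    if (n < 4 || n > 64 || strcmp(name + n - 3, ".ko") != 0)
        return 0;
    for (size_t i = 0; i < n - 3; i++)
        if (!isalnum((unsigned char)name[i]) && name[i] != '_')
            return 0;
    return 1;
}

/* fd must be of the given type, owned by owner, not group/world-writable. */
static int perms_ok(int fd, mode_t type, uid_t owner)
{
    struct stat st;
    return fstat(fd, &st) == 0 && (st.st_mode & S_IFMT) == type &&
           st.st_uid == owner && (st.st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* Return a read-only fd for module `name` in `dir`, or -1 on any failure.
 * O_NOFOLLOW covers only the last component; parents of dir are trusted. */
int open_blessed(const char *dir, const char *name, uid_t owner)
{
    int dfd, fd = -1;
    if (!name_ok(name))
        return -1;
    dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (dfd < 0)
        return -1;
    if (perms_ok(dfd, S_IFDIR, owner))
        fd = openat(dfd, name, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    close(dfd);
    if (fd >= 0 && !perms_ok(fd, S_IFREG, owner)) {
        close(fd);
        fd = -1;
    }
    return fd;
}
```

Because the ownership and mode checks run on the already-open descriptor with `fstat`, the file that was checked is the file that gets loaded, even if the directory entry is replaced afterwards.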

