Need some security advice for systemtap

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I need some security development help (and this might be the wrong list - if so, please point me in the right direction). I'm one of the systemtap developers. You can see <http://sourceware.org/systemtap/> for details, but a 2 second overview is that systemtap allows users to write a script that probes points in the kernel. systemtap takes the script, converts it into C, compiles the C into a kernel module, inserts the kernel module, and displays any output from the compiled script. When the script finishes, we remove the kernel module.

One of the complaints we get from users is that we require root access (using sudo) to install/remove the kernel module. Large enterprise customers typically don't give out sudo access to all admins. So, they would like a way to designate certain scripts/modules as "blessed", and allow admins/developers/etc. without root access to run those "blessed" scripts/modules.

Some basic ideas about how we can allow users without sudo access to run "blessed" scripts/modules can be seen at <http://sources.redhat.com/bugzilla/show_bug.cgi?id=4523>,

So, I'm looking for thoughts, criticisms, pointers, etc. to do this in a manner that won't allow a system to be easily compromised. We're in the fairly early stages of this idea, and I'm looking for direction before heading down the wrong road.

Thanks for the help.

--
David Smith
dsmith@xxxxxxxxxx
Red Hat
http://www.redhat.com
256.217.0141 (direct)
256.837.0057 (fax)

--
Fedora-security-list mailing list
Fedora-security-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-security-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux