Re: Initial draft of privilege escalation policy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Jan 23, 2010 at 4:58 PM, Steve Grubb <sgrubb@xxxxxxxxxx> wrote:
> On Wednesday 20 January 2010 01:50:21 pm Stephen John Smoogen wrote:
>> >> * Write to system logs (with the exception that the 'cause to be
>> >> performed' provision is waived in this case)
>> >
>> > Huh ? The mere fact of me logging in will cause system logs to be
>> > written...
>>
>> You are not writing directly to /var/log/messages. You log in and
>> login sends a message to syslogd which writes to the log.
>
> Syslog has *no* integrity guarantees, only the audit logs do. Any user can run
> the /usr/bin/logger program and flood syslog. You can also call openlog() and
> tell it you are the kernel. Syslog is worthless from a security PoV.

I was talking a different type of integrity (i think it is integrity).
A user might be able to run logger over and over but a user can not
'cat /dev/null > /var/log/messages' and have it null the file out.

Couldn't even the audit logs be 'played' with in a default system by
running a program that hit a couple of rules over and over again?
[Well I think it would used to because of a bad rule I once crafted to
watch access to /etc/shadow and a program that checked to see if the
file had been changed.]  Yes audit and the kernel can be set up to
shut down the system if it fills but in the default system is that the
case?

> -Steve
>



-- 
Stephen J Smoogen.

Ah, but a man's reach should exceed his grasp. Or what's a heaven for?
-- Robert Browning
-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux