Re: Antivirus? (and firewalls)
>
> >For now we have no viruses on Linux but setuid programs could be used
> >for spreading them. Of course it is far easier to keep track of a few
> >setuid programs as of every program like it happens in Linux. However
> >sooner or later measures will have to be taken for ensuring root
> >doesn't run unsecure software.
>
> One of the best ways is to insure that everything can be easily done as a
> user with su. If there is no reason to log in as root, people will log in
> as eLiTe hAkOr instead. :-)
>
Running through "su" is no protection at all. In addition RedHat
makes you run it using exactly the same path as when you were a normal
user. This is a security risk (imagine a user fooling you into
running su from his session or an unsecure program lying in your
$HOME/bin directory). Indy has the same problem as RedHat. Caldera
resets root to his normal path but I hadn't time to implement the
Caldera solution in Indy.
However the basic problem is that nothing forces the user to use the
root account for the tasks it is intended: system administration.
Root should have a path with only the minimal set of commands for
system administration in it. Of course root can change his path but
then he is responsible for what happens.
> >> >IF we could make a GUI for IPchains, and make it easy,
> >> >it would be something that would get a lot of good
> >> >publicity for us.
>
> >IPchains is very advanced networking, not exactly our ecological niche.
>
> I think this is exactly our niche. We are making a complex system,
> Linux, simple for the new user. All you have to do is the on the Linux
> security news group and read about people who are rooted within HOURS of
> setting up on the cable modem. <cable modem = big switched network> Users
> NEED some security, but the ability to manage it. Some kind of GUI for
> hosts.allow and hosts.deny and basic IPchains functionality needs to be
> done. If not by us, by someone. And if it is by us we will get a LOT of
> publicity. Just my 2 cents worth. :-)
>
Look at kfirewall. I have tried the linuxconf module and I wasn't
convinced: in fact the problem is that it is easy to define rules but
making linuxconf activate them is difficult to find.
> Lee
>
>
--
Jean Francois Martinez
Project Independence: Linux for the Masses
http://www.independence.seul.org
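
Added example, not part of the original message: a shell check for the PATH concern raised above, listing entries of a search path that someone other than root could use to choose which binary runs after "su". The function name audit_path and its optional trusted-uid argument are assumptions made for this illustration.

```shell
#!/bin/sh
# audit_path PATH_STRING [TRUSTED_UID]   (hypothetical helper, added example)
# Prints one "RISK <entry>: <reason>" line for every PATH entry that lets
# someone other than TRUSTED_UID (default 0, root) decide what gets executed.
# Only the directory itself is inspected, not its parents or the files in it.
audit_path() {
    rest="$1:"                  # trailing ':' so the loop also sees the last entry
    trusted="${2:-0}"
    while [ -n "$rest" ]; do
        dir=${rest%%:*}         # first entry
        rest=${rest#*:}         # remainder after the first ':'
        case "$dir" in
            "") echo "RISK (empty): empty entry means the current directory"
                continue ;;
            /*) ;;
            *)  echo "RISK $dir: relative entry, resolved against the current directory"
                continue ;;
        esac
        [ -d "$dir" ] || continue       # nothing can be run from a missing directory
        # -L follows symlinks, -n prints numeric ids: "<mode> <links> <uid> <gid> ..."
        info=$(ls -ldLn -- "$dir") || continue
        mode=${info%% *}
        uid=$(printf '%s\n' "$info" | awk '{print $3}')
        why=""
        [ "$uid" = "$trusted" ] || why="owned by uid $uid (not $trusted)"
        case "$mode" in ?????w*)    why="${why:+$why, }writable by group" ;; esac
        case "$mode" in ????????w*) why="${why:+$why, }writable by others" ;; esac
        [ -z "$why" ] || echo "RISK $dir: $why"
    done
    return 0
}

# Constructed sample: a user PATH carried over into a root shell.
audit_path "/usr/sbin:/usr/bin::bin:${HOME:-/home/user}/bin"
```

Run as root right after "su", `audit_path "$PATH"` shows whether the inherited search path still contains user-controlled directories.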