"Secure Linux" Primer

Transcript

1. 'SFFEPN)&$
   5BJQFJ
    ୆೔༑޷ف೦తߨԋ l4FDVSF
   -JOVYz
   1SJNFS 5IF
   NPTU
   VOEFSTUBOEBCMF
   JOUSPEVDUJPO
   UP
   lTFDVSF
   -JOVYz /PWFNCFS
   
    ݪాقӫ
   5PTIJIBSV
   )BSBEB /55
   %"5"
   $03103"5*0/

2. *
   BN
   QSPKFDU
   NBOHFS
   PG
   50.0:0
   -JOVY 50.0:0
   -JOVY
   JT
   POF
   PG
   UIF
   BDUJWJUJFT
   UP
   lNBLF
   -JOVY
   NPSF
   TFDVSFz 4FDVSJUZ
   JT
   OPU
   FBTZ
   UP
   VOEFSTUBOE
   OPS
   VTFS
   GSJFOEMZ
   CVU
   JU`T
   JOEJTQFOTBCMF *
   XBOUFE
   UP
   IFMQ
   ZPV
   TUBSU
   ZPVS
   KPVSOFZ
   CZ
   UIJT
   QSFTFOUBUJPO "CPVU

3. USJFT
   UP
   HJWF
   ZPV
   UIF
   WFSZ
   CBTJT
   GVOEBNFOUBM
   JOGPSNBUJPO
   PO
   -JOVY
   TFDVSJUZ *
   USJFE
   UP
   FYQMBJO
   CZ
   JNBHFT
   JOTUFBE
   PG
   XPSET 1MFBTF
   SFMBY
   GFFM
   BOE
   FOKPZ 5IJT
   QSFTFOUBUJPO

4. l4FDVSF
   -JOVYz
   EPFT
   OPU
   FYJTU *U`T
   UIF
   VMUJNBUF
   HPBM
   UIBU
   XF
   DBO
   OFWFS
   SFBDI 4UJMM
   XF
   DBO
   USZ
   UIBOL
   -JOVT
   GPS
   NBLJOH
   -JOVY
   PQFO
   TPVSDF 5IFSF
   BSF
   OVNCFS
   PG
   QSPKFDUT
   USZJOH
   UP
   lFOIBODF
   -JOVY
   TFDVSJUZz l4FDVSF
   -JOVYz

5. 4&-JOVY
   4FDVSJUZ&OIBODFE
   -JOVY
   EFWFMPQFE
   CZ
   /4"
   JT
   EJTUJOHVJTIFE
   BOE
   SFTQFDUFE
   GSPN
   PUIFS
   BUUFNQUT
   UPXBSET
   UIF
   HPBM 8IBU
   NBLFT
   4&-JOVY
   TQFDJBM *U`T
   lJOUSFFz
   QBSU
   PG
   UIF
   TUBOEBSE
   -JOVY
   TPVSDF
   DPEF *U`T
   GVMMZ
   GVODUJPOBM
   BOE
   NPTU
   QPXFSGVM

   4&-JOVY

6. :FT
   5IFSF
   BSF
   NBOZ
   5P
   NBLF
   UIF
   XPSL
   lJOUSFFz
   JT
   B
   ESFBN
   GPS
   EFWFMPQFST "QQ"SNPS
   CZ
   /07&--
   BOE
   50.0:0
   -JOVY
   CZ
   /55
   %"5"
   $03103"5*0/
   BSF
   SFMBUJWFMZ
   OFX -,.-
   -JOVY
   ,FSOFM
   .BJMJOH
   -JTU
   JT
   UIF
   QMBDF
   UP
   QSPQPTF
   BOE
   EJTDVTT
   -JOVY
   QSPHSBN )PX
   BCPVU
   lPVUPGUSFFz

7. 4NBDL
   4JNQMJpFE
   .BOEBUPSZ
   "DDFTT
   $POUSPM
   ,FSOFM
   EFWFMPQFE
   CZ
   $BTFZ
   4DIBVqFS
   JT
   UIF
   PUIFS
   lJOUSFFz
   JNQMFNFOUBUJPO :PV
   DBO`U
   VTF
   4&-JOVY
   BOE
   4NBDL
   BU
   UIF
   TBNF
   UJNF
   5IJT
   JT
   EVF
   UP
   UIF
   MJNJUBUJPO
   PG
   -4.
   -JOVY
   4FDVSJUZ
   .PEVMFT
   UIF
   TFDVSJUZ
   GSBNFXPSL
   PG
   

   -JOVY "OZ
   PUIFS
   lJOUSFFz

8. 8IZ
   EP
   XF
   OFFE
   UP
   lFOIBODFz
   -JOVY
   TFDVSJUZ )PX
   DBO
   UIBU
   CF
   EPOF $IBQUFS
   

9. Prologue Why do we need to enhance Linux security?

10. None
11. None

12. ແ

13. ແ

14. උ

15. DAC The owner can set the access attributes for his/her

    resource. This is called DAC (Discretionary Access Control). example: % chmod 600 my_diary

16. ڻ

17. None
18. None

19. • Unfortunately, DAC can be overridden • You should set

    DAC carefully, but should not trust it • When is DAC broken?

20. જ

21. None
22. None

23. root user root user is not affected by DAC. root

    user is the God (if your Linux is not “security enhanced” Linux)

24. જ

25. જ

26. None

27. ዼ

28. setuid a process invoked by a program with setuid attribute

    will be given root privilege. that’s why you can change your password stored in /etc/ shadow which is posessed by “root”.

29. Why he lost his bonzes?

30. .BOEBUPSZ
    "DDFTT
    $POUSPM l4FDVSF
    -JOVYz
    CBTJD $IBQUFS
    

31. -JOVY
    IBT
    HPPE
    PME
    TFDVSJUZ
    DBMMFE
    %"$
    %JTDSFUJPOBSZ
    "DDFTT
    $POUSPM #VU
    %"$
    JT
    OPU
    TV⒏DJFOU 1BSUJDVMBSMZ
    JG
    TPNFPOF
    TUPMF
    SPPU
    QSJWJMFHF
    PG
    ZPVS
    TZTUFN
    ZPV
    BSF
    BCTPMVUFMZ
    PVU
    PG
    MVDL l1SJWJMFHFz
    JT
    UIF
    LFZ -FTTPOT
    -FBSOFE

32. $PVOUFSNFBTVSFT &MJNJOBUJOH
    SPPU
    BDDPVOU
    BOE
    QSJWJMFHFT
    DBO
    OPU
    TPMWF
    UIF
    QSPCMFN 4P
    UIF
    JTTVF
    JT
    IPX
    UP
    MJNJU
    UIF
    QSJWJMFHFT *U
    IBT
    CFFO
    TUVEJFE
    BOE
    JT
    OPX
    XFMM
    LOPXO
    BT
    l-FBTU
    1SJWJMFHFz
    QSJODJQMF
    DPNNPO
    UP
    FWFSZ
    PQFSBUJOH
    TZTUFNT

33. ."$
    .BOEBUPSZ
    "DDFTT
    $POUSPM 5IF
    TIPSUBHFT
    PG
    %"$
    BOE
    QPUFOUJBM
    UISFBUT
    %"$
    DBO
    DBVTF
    IBWF
    CFFO
    TUVEJFE
    GPS
    PWFS
    UXFOUZ
    ZFBST ."$
    IBT
    CFFO
    JOUSPEVDFE
    UP
    BDIJFWF
    UIF
    -FBTU
    1SJWJMFHF
    QSJODJQMF %"$
    %JTDSFUJPOBSZ
    "DDFTT
    $POUSPM ."$
    .BOEBUPSZ
    "DDFTT
    $POUSPM

34. )PX
    ."$
    XPSLT ."$
    DPOUSPMT
    BDDFTT
    SFRVFTUT
    JO
    -JOVY
    LFSOFM l$POUSPMz
    NFBOT
    KVEHFNFOUT
    UP
    FMJNJOBUFSFKFDU
    JOBEFRVBUF
    BDDFTT
    SFRVFTUT )PX
    DBO
    ."$
    EJTUJOHVJTI
    JOBEFRVBUF
    SFRVFTUT
    GSPN
    PUIFST
    QMFBTF
    UIJOL

35. ."$
    JT
    B
    UPPM ."$
    EPFT
    OPU
    PS
    DBOOPU
    EJTUJOHVJTI
    JOBEFRVBUF
    SFRVFTUT
    GSPN
    PUIFST *U
    JT
    BMXBZT
    IVNBO
    UP
    KVEHF
    XIFUIFS
    SFRVFTUT
    BSF
    BEFRVBUF
    OFFEFE
    PS
    OPU

36. l1PMJDZz "ENJOJTUSBUPST
    IBWF
    UP
    UFMM
    ."$
    HPPE
    BOE
    CBE
    SFRVFTU
    JO
    UFSNT
    PG
    BDDFTT
    SVMF
    EFpOJUJPOT 5IPTF
    EFpOJUJPOT
    BSF
    DBMMFE
    lQPMJDZz
    "QQ"SNPS
    DBMMT
    EFpOJUJPOT
    BT
    lQSPpMFTz *G
    ."$
    JT
    BO
    FOHJOF
    PG
    B
    DBS
    QPMJDZ
    JT
    B
    GVFM
    :PV
    OFFE
    UP
    NBOBHF
    QPMJDJFT

37. 1PMJDZ
    JT
    JNQPSUBOU ."$
    KVTU
    XPSLT
    BT
    JU
    XBT
    UPME *G
    ZPV
    GPSHFU
    UP
    HJWF
    SFRVJSFE
    BDDFTT
    ZPVS
    -JOVY
    CPY
    XJMM
    GBJM
    UP
    TFSWF *G
    ZPV
    HJWF
    FYDFTTJWF
    BDDFTT
    ZPV
    XJMM
    IBWF
    NPSF
    DIBODFT
    UP
    DSBDLFST

38. lTFDVSF
    -JOVYz
    JNQMFNFOUBUJPOT
    USZ
    UP
    SFKFDU
    JOBQQSPQSJBUF
    BDDFTT
    SFRVFTU lJOBQQSPQSJBUFz
    NFOT NBMJDJPVT
    BDDFTT
    DSBDLJOH NJTT
    PQFSBUJPO ."$
    JT
    OPU
    POMZ
    GPS
    TFDVSJUZ

39. MBCFMFE
    TFDVSJUZ
    BOE
    QBUIBONFCBTFE
    TFDVSJUZ $IBQUFS
    

40. MBCFM
    WT
    QBUIOBNF 5IFSF
    BSF
    UXP
    LJOET
    PG
    JNQMFNFOUBUJPOT
    GPS
    -JOVY
    ."$
    MBCFMCBTFE
    BOE
    QBUIOBNFCBTFE

41. -BCFMCBTFE
    4FDVSJUZ 
    EFpOF
    lMBCFMz
    pSTU 
    TQFDJGZ
    QPMJDZ
    VTJOH
    MBCFMT lMBCFMz
    JT
    TUPSFE
    BT
    BUUSJCVUFT
    PG
    YBUUS
    FYUFOEFE
    BUUSJCVUFT 
    "T
    JOPEF
    JT
    USVTUBCMF
    BT
    %/"
    %FPYZSJCP
    /VDMFJD
    "DJE

    
    MBCFM
    JOGPSNBUJPO
    TUPSFE
    CPVOE
    XJUI
    JOPEF
    JT
    USVTUBCMF

42. 1BUIOBNFCBTFE
    4FDVSJUZ *O
    QBUIOBNFCBTFE
    ."$
    MJLF
    50.0:0
    -JOVY
    BOE
    "QQ"SNPS
    QPMJDJFT
    BSF
    XSJUUFO
    BOE
    TUPSFE
    VTJOH
    lQBUIOBNFz
    OPU
    lMBCFMz 5IPVHI
    UIFZ
    BSF
    B
    MPU
    FBTJFS
    UP
    VTF
    lQBUIOBNFz
    JT
    TVCKFDU
    UP
    DIBOHF
    CZ
    

    PQFSBUJPOT
    TVDI
    BT
    mount
    BOE
    chroot

43. 8IJDI
    JT
    CFUUFS 'SPN
    JOGPSNBUJPO
    qPX
    DPOUSPM
    QPJOU
    PG
    WJFX
    MBCFMCBTFE
    BQQSPBDI
    JT
    TVQFSJPS 8IJMF
    MBCFMCBTFE
    BQQSPBDI
    IBT
    HPPE
    IJTUPSZ
    BOE
    BDBEFNJDBMMZ
    QSPWFO
    QBUIOBNFCBTFE
    BQQSPBDI
    JT
    UPUBMMZ
    B
    OFXDPNFS 1BUIOBNFCBTFE
    JNQMFNFOUBUJPOT
    BSF
    HPPE
    FOUSZ
    QPJOUT
    UP
    TUVEZFYQMPSFS
    ."$

44. l4FDVSF
    -JOVYz
    JOUSPEVDUJPO $IBQUFS
    

45. 4FDVSJUZ&OIBODFE
    -JOVY 5IF
    pSTU
    lJOUSFFz
    ."$
    JNQMFNFOUBUJPO
    PG
    -JOVY %FWFMPQFE
    NBJOMZ
    CZ
    /BUJPOBM
    4FDVSJUZ
    "HFODZ #BTFE
    PO
    UIF
    'MBTL
    TFDVSJUZ
    BSDIJUFDUVSF 4&-JOVY IUUQXXXOTBHPWTFMJOVY

46. l4JNQMJpFE
    .BOEBUPSZ
    "DDFTT
    $POUSPM
    ,FSOFMz 5IF
    TFDPOE
    lJOUSFFz
    ."$
    JNQMFNFOUBUJPO
    UP
    -JOVY
    TJODF
     %FWFMPQFE
    CZ
    BO
    JOEJWJEVBM
    $BTFZ
    4DIBVqFS 'VODUJPOBMJUJFT
    BSF
    ESBTUJDBMMZ
    TJNQMJpFE
    BT
    JUT
    OBNF
    TBZT 4NBDL IUUQTDIBVqFSDBDPN

47. 1BUIOBNFCBTFE
    ."$
    JNQMFNFOUBUJPO
    MJLF
    50.0:0
    -JOVY /PU
    JOUFOEFE
    UP
    QSPUFDU
    UIF
    XIPMF
    TZTUFN
    MJLF
    4&-JOVY
    EPTF
    "JNFE
    UP
    QSPUFDU
    TQFDJpD
    TFSWJDFT
    MJLF
    XFC
    TFSWFS "WBJMBCMF
    PO
    0QFO464&
    (FOUPP
    BOE
    6CVOUV "QQ"SNPS IUUQFOPQFOTVTFPSH"QQ"SNPS

48. 1BUIOBNFCBTFE
    ."$
    EFWFMPQFE
    CZ
    /55
    %"5"
    $03103"5*0/
    +BQBO )BT
    VOJRVF
    lMFBSOJOH
    NPEFz -JWF$%
    BWBJMBCMF
    GPS
    6CVOUV
    BOE
    $FOU04 50.0:0
    -JOVY IUUQFMJOVYPSH5PNPZP-JOVY IUUQUPNPZPTPVSDFGPSHFKQ

49. 8BOU
    UP
    MFBSO
    NPSF :PV
    DBO
    OPU
    DPNQBSF
    UIFN
    VOMFTT
    ZPV
    QMBZ
    XJUI
    UIFN
    BU
    MFBTU
    POF
    PG
    UIFN *
    IBWF
    NZ
    WFSTJPO
    PG
    B
    TJNQMJpFE
    DPNQBSJTPO
    DIBSU
    IPQF
    UIJT
    IFMQT IUUQUPNPZPTPVSDFGPSHFKQXJLJF 8IBU*T

50. 5PPMT $IBQUFS
    

51. #SPXTJOH
    BOE
    TFBSDIJOH
    -JOVY
    TPVSDF
    DPEF
    XJUIPVU
    EPXOMPBEJOH

52. Trademarks • Linux® is a registered trademark of Linus Torvalds

    in the United States and other countries. • AppArmor® is a registered trademark of Novell, inc in the United States and other countries. • TOMOYO® is a registered trademark of NTT DATA CORPORATION in Japan.

53. Concept and story by Toshiharu Harada (NTT DATA CORPORATION) Illustration

    by Yumiko Tatsumoto (NTT DATA CORPORATION) and Akira Igarashi in association with Studio Padre Special thanks to ͔͑Δ޻๪ of NTT DATA CORPORATION ݟ ࠶
54. None