Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
"Secure Linux" Primer
Search
Toshiharu Harada / 原田 季栄
November 21, 2008
Technology
0
61
"Secure Linux" Primer
Toshiharu Harada / 原田 季栄
November 21, 2008
Tweet
Share
More Decks by Toshiharu Harada / 原田 季栄
See All by Toshiharu Harada / 原田 季栄
ジョブズは言う、「愛するものを見つけるんだ」と
haradats
0
83
メインライン化のご報告
haradats
0
100
2009年の「今」、セキュリティについて考える
haradats
0
51
Kernel Development: Drawing Lessons from Mistakes
haradats
0
190
What Does It Mean Being an Open Source Project Manager in Enterprise (Enterprise Edition)
haradats
0
120
What Does It Mean Being an Open Source Project Manager in Enterprise (Open Source Spirit Edition)
haradats
0
36
僕より少し遅く生まれてきた君たちへ
haradats
0
36
Realities of Mainlining - case of the TOMOYO Linux project -
haradats
0
40
TOMOYO Linux for Secure Embedded
haradats
0
40
Other Decks in Technology
See All in Technology
IPUT App Dev. Co. -Overview 2024/4
iputapp
0
120
The AI Revolution Will Not Be Monopolized: Behind the scenes
inesmontani
PRO
1
160
Azure Container Apps + Bicep 〜 こんな感じで運用しています
kaz29
3
620
[新卒向け研修資料] テスト文字列に「うんこ」と入れるな(2024年版)
infiniteloop_inc
4
18k
MixIT 2024 - Pulumi : Gérer son infra avec son langage de programmation préféré
ju_hnny5
1
120
AWS学習者向けにAzureの解説スライドを作成した話
handy
3
190
推しは推せるときに推せ! プロダクトにフィードバックしていこう
nakasho
0
460
Kernel MemoryでAzure OpenAI Serviceとお手軽データソース連携
mitsuzono
1
280
.NET Profiler in 2024.
kkamegawa
2
940
JAWS-UG Bedrock Claude Night
yamahiro
3
690
データベース02: データベースの概念
trycycle
0
180
実例で紹介するRAG導入時の知見と精度向上の勘所
yamahiro
5
1.5k
Featured
See All Featured
Stop Working from a Prison Cell
hatefulcrawdad
267
19k
How GitHub (no longer) Works
holman
305
140k
Fontdeck: Realign not Redesign
paulrobertlloyd
76
4.9k
Facilitating Awesome Meetings
lara
43
5.6k
BBQ
matthewcrist
80
8.8k
The Illustrated Children's Guide to Kubernetes
chrisshort
32
46k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
14
1.5k
From Idea to $5000 a Month in 5 Months
shpigford
378
45k
5 minutes of I Can Smell Your CMS
philhawksworth
199
19k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
155
14k
How to name files
jennybc
65
93k
Imperfection Machines: The Place of Print at Facebook
scottboms
261
12k
Transcript
'SFFEPN)&$5BJQFJ ༑ف೦తߨԋ l4FDVSF-JOVYz1SJNFS 5IFNPTUVOEFSTUBOEBCMFJOUSPEVDUJPOUPlTFDVSF-JOVYz /PWFNCFS ݪాقӫ 5PTIJIBSV)BSBEB /55%"5"$03103"5*0/
*BNQSPKFDUNBOHFSPG50.0:0-JOVY 50.0:0-JOVYJTPOFPGUIFBDUJWJUJFTUPlNBLF -JOVYNPSFTFDVSFz 4FDVSJUZJTOPUFBTZUPVOEFSTUBOEOPSVTFS GSJFOEMZ CVUJU`TJOEJTQFOTBCMF *XBOUFEUPIFMQZPVTUBSUZPVSKPVSOFZCZUIJT QSFTFOUBUJPO "CPVU
USJFTUPHJWFZPVUIFWFSZCBTJT GVOEBNFOUBM JOGPSNBUJPOPO-JOVYTFDVSJUZ *USJFEUPFYQMBJOCZJNBHFTJOTUFBEPGXPSET 1MFBTFSFMBY GFFMBOEFOKPZ 5IJTQSFTFOUBUJPO
l4FDVSF-JOVYzEPFTOPUFYJTU *U`TUIFVMUJNBUFHPBMUIBUXFDBOOFWFSSFBDI 4UJMMXFDBOUSZ UIBOL-JOVTGPSNBLJOH-JOVY PQFOTPVSDF 5IFSFBSFOVNCFSPGQSPKFDUTUSZJOHUP lFOIBODF-JOVYTFDVSJUZz l4FDVSF-JOVYz
4&-JOVY 4FDVSJUZ&OIBODFE-JOVY EFWFMPQFE CZ/4"JTEJTUJOHVJTIFEBOESFTQFDUFEGSPN PUIFSBUUFNQUTUPXBSETUIFHPBM 8IBUNBLFT4&-JOVYTQFDJBM *U`TlJOUSFFz QBSUPGUIFTUBOEBSE-JOVY TPVSDFDPEF *U`TGVMMZGVODUJPOBMBOENPTUQPXFSGVM
4&-JOVY
:FT5IFSFBSFNBOZ5PNBLFUIFXPSLlJOUSFFz JTBESFBNGPSEFWFMPQFST "QQ"SNPSCZ/07&--BOE50.0:0-JOVYCZ /55%"5"$03103"5*0/BSFSFMBUJWFMZOFX -,.- -JOVY,FSOFM.BJMJOH-JTU JTUIFQMBDFUP QSPQPTFBOEEJTDVTT-JOVYQSPHSBN )PXBCPVUlPVUPGUSFFz
4NBDL 4JNQMJpFE.BOEBUPSZ"DDFTT$POUSPM ,FSOFM EFWFMPQFECZ$BTFZ4DIBVqFSJTUIF PUIFSlJOUSFFzJNQMFNFOUBUJPO :PVDBO`UVTF4&-JOVYBOE4NBDLBUUIFTBNF UJNF5IJTJTEVFUPUIFMJNJUBUJPOPG-4. -JOVY 4FDVSJUZ.PEVMFT UIFTFDVSJUZGSBNFXPSLPG
-JOVY "OZPUIFSlJOUSFFz
8IZEPXFOFFEUPlFOIBODFz -JOVYTFDVSJUZ )PXDBOUIBUCFEPOF $IBQUFS
Prologue Why do we need to enhance Linux security?
None
None
ແ
ແ
උ
DAC The owner can set the access attributes for his/her
resource. This is called DAC (Discretionary Access Control). example: % chmod 600 my_diary
ڻ
None
None
• Unfortunately, DAC can be overridden • You should set
DAC carefully, but should not trust it • When is DAC broken?
જ
None
None
root user root user is not affected by DAC. root
user is the God (if your Linux is not “security enhanced” Linux)
જ
જ
None
ዼ
setuid a process invoked by a program with setuid attribute
will be given root privilege. that’s why you can change your password stored in /etc/ shadow which is posessed by “root”.
Why he lost his bonzes?
.BOEBUPSZ"DDFTT$POUSPM l4FDVSF-JOVYzCBTJD $IBQUFS
-JOVYIBTHPPEPMETFDVSJUZDBMMFE%"$ %JTDSFUJPOBSZ"DDFTT$POUSPM #VU%"$JTOPUTV⒏DJFOU 1BSUJDVMBSMZJGTPNFPOFTUPMFSPPUQSJWJMFHFPG ZPVSTZTUFN ZPVBSFBCTPMVUFMZPVUPGMVDL l1SJWJMFHFzJTUIFLFZ -FTTPOT-FBSOFE
$PVOUFSNFBTVSFT &MJNJOBUJOHSPPUBDDPVOUBOEQSJWJMFHFTDBOOPU TPMWFUIFQSPCMFN 4PUIFJTTVFJTIPXUPMJNJUUIFQSJWJMFHFT *UIBTCFFOTUVEJFEBOEJTOPXXFMMLOPXOBT l-FBTU1SJWJMFHFzQSJODJQMF DPNNPOUPFWFSZ PQFSBUJOHTZTUFNT
."$ .BOEBUPSZ"DDFTT$POUSPM 5IFTIPSUBHFTPG%"$BOEQPUFOUJBMUISFBUT %"$DBODBVTFIBWFCFFOTUVEJFEGPSPWFS UXFOUZZFBST ."$IBTCFFOJOUSPEVDFEUPBDIJFWFUIF-FBTU 1SJWJMFHFQSJODJQMF %"$%JTDSFUJPOBSZ"DDFTT$POUSPM ."$.BOEBUPSZ"DDFTT$POUSPM
)PX."$XPSLT ."$DPOUSPMTBDDFTTSFRVFTUTJO-JOVYLFSOFM l$POUSPMzNFBOTKVEHFNFOUTUPFMJNJOBUFSFKFDU JOBEFRVBUFBDDFTTSFRVFTUT )PXDBO."$EJTUJOHVJTIJOBEFRVBUFSFRVFTUT GSPNPUIFST QMFBTFUIJOL
."$JTBUPPM ."$EPFTOPU PSDBOOPU EJTUJOHVJTI JOBEFRVBUFSFRVFTUTGSPNPUIFST *UJTBMXBZTIVNBOUPKVEHFXIFUIFSSFRVFTUT BSFBEFRVBUF OFFEFE PSOPU
l1PMJDZz "ENJOJTUSBUPSTIBWFUPUFMM."$HPPEBOECBE SFRVFTUJOUFSNTPGBDDFTTSVMFEFpOJUJPOT 5IPTFEFpOJUJPOTBSFDBMMFElQPMJDZz "QQ"SNPS DBMMTEFpOJUJPOTBTlQSPpMFTz *G."$JTBOFOHJOFPGBDBS QPMJDZJTBGVFM :PVOFFEUPNBOBHFQPMJDJFT
1PMJDZJTJNQPSUBOU ."$KVTUXPSLTBTJUXBTUPME *GZPVGPSHFUUPHJWFSFRVJSFEBDDFTT ZPVS -JOVYCPYXJMMGBJMUPTFSWF *GZPVHJWFFYDFTTJWFBDDFTT ZPVXJMMIBWFNPSF DIBODFTUPDSBDLFST
lTFDVSF-JOVYzJNQMFNFOUBUJPOTUSZUPSFKFDU JOBQQSPQSJBUFBDDFTTSFRVFTU lJOBQQSPQSJBUFzNFOT NBMJDJPVTBDDFTT DSBDLJOH NJTTPQFSBUJPO ."$JTOPUPOMZGPSTFDVSJUZ
MBCFMFETFDVSJUZBOE QBUIBONFCBTFETFDVSJUZ $IBQUFS
MBCFMWTQBUIOBNF 5IFSFBSFUXPLJOETPGJNQMFNFOUBUJPOTGPS -JOVY."$ MBCFMCBTFEBOEQBUIOBNFCBTFE
-BCFMCBTFE4FDVSJUZ EFpOFlMBCFMzpSTU TQFDJGZQPMJDZVTJOH MBCFMT lMBCFMzJTTUPSFEBTBUUSJCVUFTPGYBUUS FYUFOEFE BUUSJCVUFT "TJOPEFJTUSVTUBCMFBT%/" %FPYZSJCP /VDMFJD"DJE
MBCFMJOGPSNBUJPOTUPSFECPVOEXJUI JOPEFJTUSVTUBCMF
1BUIOBNFCBTFE 4FDVSJUZ *OQBUIOBNFCBTFE."$MJLF50.0:0-JOVY BOE"QQ"SNPS QPMJDJFTBSFXSJUUFOBOETUPSFE VTJOHlQBUIOBNFz OPUlMBCFMz 5IPVHIUIFZBSFBMPUFBTJFSUPVTF lQBUIOBNFzJTTVCKFDUUPDIBOHFCZ
PQFSBUJPOTTVDIBTmountBOEchroot
8IJDIJTCFUUFS 'SPNJOGPSNBUJPOqPXDPOUSPMQPJOUPGWJFX MBCFMCBTFEBQQSPBDIJTTVQFSJPS 8IJMFMBCFMCBTFEBQQSPBDIIBTHPPEIJTUPSZ BOEBDBEFNJDBMMZQSPWFO QBUIOBNFCBTFE BQQSPBDIJTUPUBMMZBOFXDPNFS 1BUIOBNFCBTFEJNQMFNFOUBUJPOTBSFHPPE FOUSZQPJOUTUPTUVEZFYQMPSFS."$
l4FDVSF-JOVYzJOUSPEVDUJPO $IBQUFS
4FDVSJUZ&OIBODFE-JOVY 5IFpSTUlJOUSFFz."$JNQMFNFOUBUJPOPG-JOVY %FWFMPQFENBJOMZCZ/BUJPOBM4FDVSJUZ"HFODZ #BTFEPOUIF'MBTLTFDVSJUZBSDIJUFDUVSF 4&-JOVY IUUQXXXOTBHPWTFMJOVY
l4JNQMJpFE.BOEBUPSZ"DDFTT$POUSPM,FSOFMz 5IFTFDPOElJOUSFFz."$JNQMFNFOUBUJPOUP -JOVY TJODF %FWFMPQFECZBOJOEJWJEVBM $BTFZ4DIBVqFS 'VODUJPOBMJUJFTBSFESBTUJDBMMZTJNQMJpFEBTJUT OBNFTBZT 4NBDL IUUQTDIBVqFSDBDPN
1BUIOBNFCBTFE."$JNQMFNFOUBUJPOMJLF 50.0:0-JOVY /PUJOUFOEFEUPQSPUFDUUIFXIPMFTZTUFNMJLF 4&-JOVYEPTF"JNFEUPQSPUFDUTQFDJpD TFSWJDFTMJLFXFCTFSWFS "WBJMBCMFPO0QFO464& (FOUPPBOE6CVOUV "QQ"SNPS IUUQFOPQFOTVTFPSH"QQ"SNPS
1BUIOBNFCBTFE."$EFWFMPQFECZ/55%"5" $03103"5*0/ +BQBO )BTVOJRVFlMFBSOJOHNPEFz -JWF$%BWBJMBCMFGPS6CVOUVBOE$FOU04 50.0:0-JOVY IUUQFMJOVYPSH5PNPZP-JOVY IUUQUPNPZPTPVSDFGPSHFKQ
8BOUUPMFBSONPSF :PVDBOOPUDPNQBSFUIFNVOMFTTZPVQMBZXJUI UIFN BUMFBTUPOFPGUIFN *IBWFNZWFSTJPOPGBTJNQMJpFEDPNQBSJTPO DIBSU IPQFUIJTIFMQT IUUQUPNPZPTPVSDFGPSHFKQXJLJF 8IBU*T
5PPMT $IBQUFS
#SPXTJOHBOETFBSDIJOH-JOVY TPVSDFDPEFXJUIPVUEPXOMPBEJOH
Trademarks • Linux® is a registered trademark of Linus Torvalds
in the United States and other countries. • AppArmor® is a registered trademark of Novell, inc in the United States and other countries. • TOMOYO® is a registered trademark of NTT DATA CORPORATION in Japan.
Concept and story by Toshiharu Harada (NTT DATA CORPORATION) Illustration
by Yumiko Tatsumoto (NTT DATA CORPORATION) and Akira Igarashi in association with Studio Padre Special thanks to ͔͑Δ of NTT DATA CORPORATION ݟ ࠶
None