150 likes | 234 Views
Secure Operating Systems. Lesson C : Linux Security Features. Where are we?. Multics is beautiful, Multics is beautiful, Multics is beautiful… And also, we’ve looked at some of the ways operating systems get broken Let’s look at a well known OS today: Linux. Linux: Overview.
E N D
Secure Operating Systems Lesson C: Linux Security Features
Where are we? • Multics is beautiful, Multicsis beautiful, Multicsis beautiful… • And also, we’ve looked at some of the ways operating systems get broken • Let’s look at a well known OS today: Linux
Linux: Overview • Accounts, authentication • File permissions • Secure Access • Encrypted storage • Logging • Resource usage controls… • It’s a long list. Let’s take a look.
User Accounts • The Unix model is pretty straightforward • An entity has a user account; this account can be associated with groups • Usually, there is one superuser, root – this account has complete control of the system
PAM: Authentication • User accounts don’t help if you can’t authenticate, so Linux provides PAM • Pluggable Authentication Module • PAM allows us fine grained support on logins and authentication • Account modules: auth is valid under current conditions (time of day, phase of moon…) • Authentication modules: authenticates the user • Password modules: Updating passwords, and measuring password strength • Session modules: things to do at the start and end of every session
Protection: Files • Files can be protected at the user, group, world, level • Valid permissions are read, write, execute • umask provides default permissions for a user on files and directories • Setuid bit – is this a vuln or a feature? Let’s discuss…
Secure Access • None of the above matters if we can’t log in to the box securely • Linux has a few features. • Most notably, we can restrict the places root can log in from – perhaps to a local physical console • All remote connections come in through sshd– compare to telnet
Encrypted storage • First, let’s be clear… what are we protecting from? • With that said, we can create an encrypted bootload and encrypted storage in Linux • Protecting the boot sequence is pretty important – we’ll revisit that when we look at Windows 8
Logging • Or even audit…there’s syslog and auditing • In more up to date Linii, there’s auditd • Very flexible auditing system, that provides very granular logging of events • Configured by audit rules • Tampering? • At the less granular level, there’s syslog etc. • In essence: you have the ability to see, if you choose to look
Resource control • Linux can control how much of a resource a particular user uses, too • Quota can also provide hard limits
Non-Executable Memory • Linux has supported the NX bit for almost TEN years (!!!) • You do need to check your distribution and kernel configuration though • Remind me: what does this achieve?
ASLR • Yes, Linux has address space layout randomization as a kernel option
GCC assistance • Pointer encryption • -Wformat –Wformat-security • Not much use if you don’t pay attention • -D_FORTIFY_SOURCE=2 –O2 – put in runtime and compile time checks on buffers • Built in stack canaries • Position Independent Executables (PIE) • ELF hardening (mark segments r/o before execution
Things to Do • Take a look at the little Linux machine you installed earlier in the semester. What security features are available? What areas can you harden the configuration. Tell me what you did to try and harden the OS…
Questions & Comments • What do you want to know?