Secure Implementation of UNIX Shadow Utilities
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
On Trends in Low-Level Exploitation
On trends in low-level exploitation Christian W. Otterstad Department of Informatics, University of Bergen Abstract Low-level computer exploitation and its mitigation counterpart has accumulated some noteworthy history. Presently, especially in academia, it features a plethora of mitigation techniques and also various possible modes of attack. It has seen numerous developments building upon basic methods for both sides and certain trends have emerged. This paper is primarily an overview paper, focusing especially on x86 GNU/Linux. The basic reasons inherent for allowing low-level exploitability are identified and explained to provide background knowledge. The paper furthermore describes the history, present state of the art and future developments that are topical and appear to be important in the field. Several attack and defense techniques have overlapping notions with not always obvious differences. Herein the notion of the bar being raised for both exploits and mitigation methods is examined and extrapolated upon based on the known relevant present state and history. The difference between academia and the industry is discussed especially where it relates to application of new mitigation techniques. Based on this examination some patterns and trends are identified and a conjecture for the likely future development of both is presented and justified. This paper was presented at the NIK-2016 conference; see http://www.nik.no/. 1 Introduction and earlier related work In 1972 the paper “Computer Security Technology Planning Study” was published [1]. Since then, research surrounding the main ideas in this paper has grown to become a ma- ture and complex field in its own right. There are many different exploitation techniques and mitigation techniques. -
Filesystem Hierarchy Standard
Filesystem Hierarchy Standard LSB Workgroup, The Linux Foundation Filesystem Hierarchy Standard LSB Workgroup, The Linux Foundation Version 3.0 Publication date March 19, 2015 Copyright © 2015 The Linux Foundation Copyright © 1994-2004 Daniel Quinlan Copyright © 2001-2004 Paul 'Rusty' Russell Copyright © 2003-2004 Christopher Yeoh Abstract This standard consists of a set of requirements and guidelines for file and directory placement under UNIX-like operating systems. The guidelines are intended to support interoperability of applications, system administration tools, development tools, and scripts as well as greater uniformity of documentation for these systems. All trademarks and copyrights are owned by their owners, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark. Permission is granted to make and distribute verbatim copies of this standard provided the copyright and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this standard under the conditions for verbatim copying, provided also that the title page is labeled as modified including a reference to the original standard, provided that information on retrieving the original standard is included, and provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this standard into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the copyright holder. Dedication This release is dedicated to the memory of Christopher Yeoh, a long-time friend and colleague, and one of the original editors of the FHS. -
Evaluating UNIX Security Previous Screen Allen B
84-01-15.1 Evaluating UNIX Security Previous screen Allen B. Lum Payoff The UNIX operating system's basic security features include password protection, access permission, user profiles, shell scripts, and file ownership. Because new and enhanced UNIX security features are continually being added to these features in response to the demands of an increasingly competitive user community, information security professionals must begin with an understanding of the basic UNIX security environment. This article covers the fundamental security features that can be found in most of the currently available versions of the UNIX operating system. Several checklists are included at the end of the article to assist administrators in ensuring the security of UNIX systems. Problems Addressed The UNIX operating system was originally developed for use by programmers within an open systems environment. The adoption of UNIX as a common operating system across several different platforms has increased the need for security beyond its original purpose. As a result, many UNIX installations have less than optimal security. In addition, there are several versions of UNIX on the market today with differing security features. This article discusses basic access controls (e.g., passwords) and directory and file permissions within the UNIX system. The concepts discussed are applicable to all versions of UNIX unless specifically noted otherwise. UNIX History As the majority of UNIX users know, UNIX was developed at AT Bell Laboratories in the late 1960s by Thompson and Ritchie; the name UNIXis a contraction of uni and multics. The original UNIX system software was written in the assembler language to run on the digital PDP-7 computer. -
Chapter 3 Unix Overview
Chapter 3 Unix Overview Figure 3.1 Unix file system Directory Purpose / The root directory /bin or /sbin Critical executables needed to boot the system /dev Device drivers /etc System configuration files such as passwords, network addresses and names,system startup scripts /home User home directories /lib Shared libraries used by programs /mnt Temporary mount point for file systems /proc Images of currently executing processes on the system /tmp Temporary files /usr A variety of critical system files, including system utilities (/usr/bin), and administration executables (/usr/sbin) /var Stores varying files such as /var/log, /var/mail Table 3.1 Important Directories in the Unix file system Figure 3.2 Unix Architecture Figure 3.3 Relationship between init, inetd, and various network services Sample /etc/inetd.conf file containing services spawned by inetd /etc/inetd.conf file format • Service name (port # defined in /etc/services) • Socket type (stream or dgram) • Protocol (tcp, udp, rpc/tcp, or rpc/udp) • Wait status (wait or nowait) • Username (service run as) • Server program • Server program arguments Use of inetd.conf to create backdoor listeners and attack relays Common Unix Administration Tasks ♦ Vulnerability of using “.” in your search path $PATH ♦ Showing all running processes ps –aux ps –aef ♦ Killing/restarting processes kill –HUP pid killall –HUP inetd ♦ /etc/passwd file ♦ Unix permissions rwxrwxrwx chmod command Common Unix Administration Tasks (cont.) ♦ SetUID programs – Executes with permissions of its owner, not of its -
The Complete Freebsd
The Complete FreeBSD® If you find errors in this book, please report them to Greg Lehey <grog@Free- BSD.org> for inclusion in the errata list. The Complete FreeBSD® Fourth Edition Tenth anniversary version, 24 February 2006 Greg Lehey The Complete FreeBSD® by Greg Lehey <[email protected]> Copyright © 1996, 1997, 1999, 2002, 2003, 2006 by Greg Lehey. This book is licensed under the Creative Commons “Attribution-NonCommercial-ShareAlike 2.5” license. The full text is located at http://creativecommons.org/licenses/by-nc-sa/2.5/legalcode. You are free: • to copy, distribute, display, and perform the work • to make derivative works under the following conditions: • Attribution. You must attribute the work in the manner specified by the author or licensor. • Noncommercial. You may not use this work for commercial purposes. This clause is modified from the original by the provision: You may use this book for commercial purposes if you pay me the sum of USD 20 per copy printed (whether sold or not). You must also agree to allow inspection of printing records and other material necessary to confirm the royalty sums. The purpose of this clause is to make it attractive to negotiate sensible royalties before printing. • Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under a license identical to this one. • For any reuse or distribution, you must make clear to others the license terms of this work. • Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above. -
Detecting Exploit Code Execution in Loadable Kernel Modules
Detecting Exploit Code Execution in Loadable Kernel Modules HaizhiXu WenliangDu SteveJ.Chapin Systems Assurance Institute Syracuse University 3-114 CST, 111 College Place, Syracuse, NY 13210, USA g fhxu02, wedu, chapin @syr.edu Abstract and pointer checks can lead to kernel-level exploits, which can jeopardize the integrity of the running kernel. Inside the In current extensible monolithic operating systems, load- kernel, exploitcode has the privilegeto interceptsystem ser- able kernel modules (LKM) have unrestricted access to vice routines, to modify interrupt handlers, and to overwrite all portions of kernel memory and I/O space. As a result, kernel data. In such cases, the behavior of the entire sys- kernel-module exploitation can jeopardize the integrity of tem may become suspect. the entire system. In this paper, we analyze the threat that Kernel-level protection is different from user space pro- comes from the implicit trust relationship between the oper- tection. Not every application-level protection mechanism ating system kernel and loadable kernel modules. We then can be applied directly to kernel code, because privileges present a specification-directed access monitoring tool— of the kernel environment is different from that of the user HECK, that detects kernel modules for malicious code ex- space. For example, non-executableuser page [21] and non- ecution. Inside the module, HECK prevents code execution executable user stack [29] use virtual memory mapping sup- on the kernel stack and the data sections; on the bound- port for pages and segments, but inside the kernel, a page ary, HECK restricts the module’s access to only those kernel or segment fault can lead to kernel panic. -
Utmp, Wtmp, Sulog
utmp, wtmp, sulog lastlog File UNIX records the last time that each user logged into the system in the lastlog log file. This time is displayed each time that you log in: e.g. login: grossman password: Last login Mon Feb 14 09:19 on console Unfortunately, the design of the lastlog mechanism is such that the previous contents of the file are overwritten at each login. As a result, if a user is inattentive for even a moment or if the login message clears the screen, the user may not notice a suspicious time. Furthermore, even if a suspicious time is noted, it is no longer available for the system administrator to examine. utmp, wtmp, utmpx, and wtmpx Files UNIX keeps track of who is currently logged into the system with a special file called utmp, or utmpx on Solaris systems. This is a binary file that contains a record for every active session and generally does not grow to be more than a few kilobytes in length. A second file, wtmpx, keeps a record of both logins and logouts. This file grows every time a user logs in or logs out and can grow to be many megabytes in length unless it is pruned. utmpx and wtmpx are found in /var/adm on our Solaris systems. utmp and wtmp do not exist in Solaris. The extended wtmpx file used by the Solaris operating system includes the following: Username, 32 characters instead of 8 inittab ID, indicates the type of connection Terminal name, 32 characters instead of 8 Device name Process ID of the login shell Code that denotes the type of entry Exit status of the process Time that the entry was made Session ID Unused bytes for future expansion Remote hostname for logins that originate over a network Examining the utmpx and wtmpx Files UNIX programs that report the users that are currently logged into the system, e.g. -
Introduction to Fmxlinux Delphi's Firemonkey For
Introduction to FmxLinux Delphi’s FireMonkey for Linux Solution Jim McKeeth Embarcadero Technologies [email protected] Chief Developer Advocate & Engineer For quality purposes, all lines except the presenter are muted IT’S OK TO ASK QUESTIONS! Use the Q&A Panel on the Right This webinar is being recorded for future playback. Recordings will be available on Embarcadero’s YouTube channel Your Presenter: Jim McKeeth Embarcadero Technologies [email protected] | @JimMcKeeth Chief Developer Advocate & Engineer Agenda • Overview • Installation • Supported platforms • PAServer • SDK & Packages • Usage • UI Elements • Samples • Database Access FireDAC • Migrating from Windows VCL • midaconverter.com • 3rd Party Support • Broadway Web Why FMX on Linux? • Education - Save money on Windows licenses • Kiosk or Point of Sale - Single purpose computers with locked down user interfaces • Security - Linux offers more security options • IoT & Industrial Automation - Add user interfaces for integrated systems • Federal Government - Many govt systems require Linux support • Choice - Now you can, so might as well! Delphi for Linux History • 1999 Kylix: aka Delphi for Linux, introduced • It was a port of the IDE to Linux • Linux x86 32-bit compiler • Used the Trolltech QT widget library • 2002 Kylix 3 was the last update to Kylix • 2017 Delphi 10.2 “Tokyo” introduced Delphi for x86 64-bit Linux • IDE runs on Windows, cross compiles to Linux via the PAServer • Designed for server side development - no desktop widget GUI library • 2017 Eugene -
Cisco Identity Services Engine CLI Reference Guide, Release 2.2 Americas Headquarters Cisco Systems, Inc
Cisco Identity Services Engine CLI Reference Guide, Release 2.2 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. -
System Analysis and Tuning Guide System Analysis and Tuning Guide SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server 15 SP1 System Analysis and Tuning Guide System Analysis and Tuning Guide SUSE Linux Enterprise Server 15 SP1 An administrator's guide for problem detection, resolution and optimization. Find how to inspect and optimize your system by means of monitoring tools and how to eciently manage resources. Also contains an overview of common problems and solutions and of additional help and documentation resources. Publication Date: September 24, 2021 SUSE LLC 1800 South Novell Place Provo, UT 84606 USA https://documentation.suse.com Copyright © 2006– 2021 SUSE LLC and contributors. All rights reserved. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”. For SUSE trademarks, see https://www.suse.com/company/legal/ . All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its aliates. Asterisks (*) denote third-party trademarks. All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its aliates, the authors nor the translators shall be held liable for possible errors or the consequences thereof. Contents About This Guide xii 1 Available Documentation xiii -
Securing Debian HOWTO
Securing Debian HOWTO Javier Fernández-Sanguino Peña <[email protected]> v1.92 6 noviembre 2001Tue Oct 23 00:59:57 CEST 2001 Abstract This document describes the process of securing and hardening the default Debian installation. It covers some of the common taks to setup a secure network environment using Debian GNU/Linux. Copyright Notice Copyright c 2001 Alexander Reelsen, Javier Fernández-Sanguino Peña Copyright c 2000 Alexander Reelsen however it is distributed under the terms of the GNU free documentation license. This document is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY. i Contents 1 Introduction 1 1.1 Download the HOWTO ................................... 1 1.2 Organizational Notes/Feedback ............................... 2 1.3 Prior knowledge ....................................... 2 1.4 Things that need to be written (TODO) ........................... 2 1.5 Changelog .......................................... 4 1.5.1 Version 1.92 .................................... 4 1.5.2 Version 1.91 .................................... 4 1.5.3 Version 1.9 ..................................... 4 1.5.4 Version 1.8 ..................................... 5 1.5.5 Version 1.7 ..................................... 5 1.5.6 Version 1.6 ..................................... 5 1.5.7 Version 1.5 ..................................... 6 1.5.8 Version 1.4 ..................................... 6 1.5.9 Version 1.3 ..................................... 6 1.5.10 Version 1.2 ..................................... 6 1.5.11 Version 1.1 ..................................... 6 1.5.12 Version 1.0 ..................................... 6 1.6 Credits ............................................ 7 2 Before you begin 9 2.1 What do you want this system for? ............................. 9 2.2 Be aware of general security problems ........................... 9 2.3 How does Debian handle security? ............................. 11 CONTENTS ii 3 Before and during the installation 13 3.1 Choose a BIOS password ................................. -
Securing Debian Manual
Securing Debian Manual Javier Fernández-Sanguino Peña <[email protected]> 2.6 10 octubre 2002Wed, 18 Sep 2002 14:09:35 +0200 Abstract This document describes the process of securing and hardening the default Debian installation. It covers some of the common tasks to set up a secure network environment using Debian GNU/Linux. It also gives additional information on the security tools available as well as the work done by the Debian security team. Copyright Notice Copyright © 2002 Javier Fernández-Sanguino Peña Copyright © 2001 Alexander Reelsen, Javier Fernández-Sanguino Peña Copyright © 2000 Alexander Reelsen Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 (http://www.fsf.org/copyleft/fdl. html) or any later version published by the Free Software Foundation. It is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY. i Contents 1 Introduction 1 1.1 Download the manual .................................. 1 1.2 Organizational Notes/Feedback ............................ 2 1.3 Prior knowledge ...................................... 2 1.4 Things that need to be written (FIXME/TODO) .................... 2 1.5 Changelog/History .................................... 5 1.5.1 Version 2.6 (september 2002) .......................... 5 1.5.2 Version 2.5 (september 2002) .......................... 5 1.5.3 Version 2.5 (august 2002) ............................ 5 1.5.4 Version 2.4 ..................................... 9 1.5.5 Version 2.3 ..................................... 9 1.5.6 Version 2.3 ..................................... 9 1.5.7 Version 2.2 ..................................... 10 1.5.8 Version 2.1 ..................................... 10 1.5.9 Version 2.0 ..................................... 10 1.5.10 Version 1.99 ...................................