RPM security (a newbie question)
Bryn M. Reeves
bmr at redhat.com
Thu Apr 2 14:39:36 UTC 2009
On Thu, 2009-04-02 at 15:22 +0200, "Stanisław T. Findeisen" wrote:
> Todd Zullinger wrote:
> > And, of course, on top of compiler options and firewalls, SELinux is
> > one more layer that is added to protect against problems in upstream
> > code. If upstream code has some hole that tries to mail off
> > /etc/passwd somewhere, this is very likely to be denied by SELinux.
> > And when someone reports the denial, Dan, Miroslav, and the other
> > SELinux maintainers aren't too likely to allow it without asking what
> > good reason the upstream code would have to take such an action.
>
> SELinux will not help you more if it gets overwritten/rootkited by
> malicious RPM package (for instance during the install process).
>
> You execute rpm install as root, don't you.
Actually depending on the policy that is configured SELinux could help
here. The root account is not "special" to SELinux and can be confined
just like any other user.
I am not aware of any specific work looking at preventing malicious
packages from harming the system (since most of the work here is aimed
at securing the package delivery and ensuring that packages from
untrusted sources are not installed inadvertently) but there are others
on this list who can probably provide more insight into how well this
could be made work.
Regards,
Bryn.
More information about the users
mailing list