Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: Introducing mod_privileges for Apache HTTPD
From: KaiGai Kohei <kaigai_at_ak.jp.nec.com>
Date: Mon, 17 Nov 2008 16:51:15 +0900
It seems to me we have similar ideas to enhance web-application security. I've focused on SELinux to utilize security features of operating system. I had a plan to start discussion after my PostgreSQL works are closed, but, it is a good time to start discussion to utilize them for web-applications. I have a modified version of apache/httpd, as a proof of concept. http://code.google.com/p/sepgsql/source/browse/misc/httpd-selinux/ (*) Please copy the "2.2.x" directory as "server/mpm/selinux", and append "--with-mpm=selinux" It enables to invoke request handlers with individual privilege set based on http-authenticated username, source IP addresses and so on. The typical flow of operations are as follows:
(*) Please note that SELinux disallow to revert privileges, because it can be a vulnerability of unexpected escalation. Your "mod_privileges" is implemented on the "perchild" MPM. It is suitable to achieve per VirtualHost privileges. In addition, I think per user/request/network privileges enforced by operating system is more worthwhile feature. A security focused MPM is a key facility to enable the idea. I assume it does not give first priority for performances, but it enables to resolves some kinds of security nightmares. How do you think the concept? Please any comment, Thanks,
Nick Kew wrote:
-- OSS Platform Development Division, NEC KaiGai Kohei <kaigai@ak.jp.nec.com> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Mon 17 Nov 2008 - 02:53:14 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |