MAC policies and shared hosting
Borja Marcos
BORJAMAR at SARENET.ES
Fri May 5 09:24:34 UTC 2006
> Regarding the multi-level idea, it would be a second phase. I would
> like to be able to contain effectively a possible root escalation
> from a poorly written CGI or PHP script. I know, it would be anyway
> extremely hard. But if we could launch the web server process with
> an additional lower security level inherited by all of its child
> processes, we could prevent damage to the system even by a child
> process that escalated to root.
And I answer myself :) (forgot to add this)
Another desired functionality involves making sure that code injected
into a poorly written PHP or CGI module cannot (for example)
establish unauthorized network connections, listen(), etc. The
FreeBSD ipfw has a lot of potential, but, unfortunately, ftp
complicates the implementation of a simple uid-based limitation.
Security levels would help here as well.
Borja.