Re: More Choice Given in Linux Security

Home	Messages Index

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index

Re: More Choice Given in Linux Security

Subject: Re: More Choice Given in Linux Security
From: Rex Ballard <rex.ballard@xxxxxxxxx>
Date: Wed, 31 Oct 2007 08:13:15 -0700
Complaints-to: groups-abuse@xxxxxxxxxx
In-reply-to: <5265137.t6o4ac0yNW@xxxxxxxxxxxxxxx>
Injection-info: k79g2000hse.googlegroups.com; posting-host=67.80.103.238; posting-account=ps2QrAMAAAA6_jCuRt2JEIpn5Otqf_w0
Newsgroups: comp.os.linux.advocacy
Organization: http://groups.google.com
References: <5265137.t6o4ac0yNW@xxxxxxxxxxxxxxx>
User-agent: G2/1.0
Xref: ellandroad.demon.co.uk comp.os.linux.advocacy:572278

On Oct 31, 9:11 am, Roy Schestowitz <newsgro...@xxxxxxxxxxxxxxx>
wrote:
> Kernel space: should security modules be dynamically loadable?
>
> ,----[ Quote ]
> | The ever-contentious Linux Security Modules (LSM) API is being debated once
> | again on linux-kernel, not its removal, which Linus Torvalds came down firmly
> | against, but whether it should allow security modules to be loaded
> | dynamically.
> `----

Pluggable authentication modules have been in Linux since the early
Slackware days.  It's one of the main features of Linux.  Linux users
can have the option of using an internal password file, a shadow file,
Kerberos authentication ("password" changes every few seconds), or
LDAP with or without Kerberos protection for the LDAP server.

The pluggable authentication module also lets users or corporations
plug in other security models such as Active Directory compatibility,
or use SSL connections to the LDAP servers.  The security can be very
simple, or secure enough for the NSA (remember, they did a security
audit to make it good enough for their needs).  When the top spy
organizations like the NSA and MI5 start using Linux, because they
have plug-in modules, that's a pretty strong endorsement for PAM.

The main argument against PAM is that you could theoretically subvert
the configured security system.  If I have a passworded disk drive, I
still need root access to modify the configuration.  If the drive is
not passworded, it could be removed from the laptop, mounted on a USB
to IDE or USB to SATA cable, and configured to use password
authentication.

There are ways to prevent that as well, but at that point, ANY OS
could be "cracked" using such extreme routines.

Compiling the security into the kernel doesn't really change much.  If
the security is configurable, the configuration can still be
comprimized using the technique described above.  If the police get a
search warrant and seize your computer, none of the authentication
methods used in ANY operating system will slow them down more than a
few minutes.  Using file level encryption and using different
encryption keys for each file will make things more difficult, but
even those files can be cracked if necessary.

> http://www.linuxworld.com/news/2007/103107-kernel.html?fsrc=rss-linux...

References:
- [News] More Choice Given in Linux Security
  - From: Roy Schestowitz

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index