Presentation is loading. Please wait.

Presentation is loading. Please wait.

Linux Security. Authors:- Advanced Linux Programming by Mark Mitchell, Jeffrey Oldham, and Alex Samuel, of CodeSourcery LLC published by New Riders Publishing.

Similar presentations


Presentation on theme: "Linux Security. Authors:- Advanced Linux Programming by Mark Mitchell, Jeffrey Oldham, and Alex Samuel, of CodeSourcery LLC published by New Riders Publishing."— Presentation transcript:

1 Linux Security

2 Authors:- Advanced Linux Programming by Mark Mitchell, Jeffrey Oldham, and Alex Samuel, of CodeSourcery LLC published by New Riders Publishing First Edition, June 2001

3 Abstract Much of the power of a linux system comes from its support for multiple users and for networking. Many people can use the system at once, and they can connect to the system from remote locations. Unfortunately, with this power comes risk, especially for systems connected to the Internet The Linux kernel provides a variety of facilities to ensure that these events do not take place.

4 Users and Groups Each Linux user is assigned a unique number, called a user ID, or UID. – We can control access to a file or other resource by associating it with a particular user ID. Then only the user corresponding to that user ID can access the resource. Each group is assigned a unique number, called a group ID, or GID. – Every group contains one or more user IDs. – A single user ID can be a member of lots of groups, but groups can’t contain other groups, they can contain only users.

5 Example: $ id uid=501(jigi) gid=501(jigi) groups=501(jigi),503(tycs) User IDGroup ID

6 Super User One user account is very special. This user has user ID 0 and usually has the username root. It is also sometimes referred to as the superuser account.

7 Process User IDs and Process Group IDs Every process has an associated user ID and group ID The process group id and user id are always going to be represented as Integer value.

8 File System Permission Current file systems have methods of assigning permissions or access rights to specific users and groups of users. These systems control the ability of the users to view or make changes to the contents of the file systems.

9 Basic ideas for file system permission The Three task which is mostly performed are :  Reading  Writing  Executing This task can be performed by USERS, GROUP, OTHERS.

10 Structure - rwx rw- r-- File type “-” indicates a regular file and “d” indicates directory file Read, write and execute permission for owner of the file Read and write permission for the owning group and not the execute permission Only read permission for the others

11 Security Hole : Programs Without Execute Permissions A user who execute the program without the permission are the Malicious user. Malicious user makes a copy of the program, change the permission and then execute the copy of program. Method to overcome are : – Restrict the copying of the program

12 Sticky Bits This bit is applicable only for Directories. A directory that has the sticky bit set allows you to delete a file only if you are the owner of the file. Hence it is also known as Magic bit

13 Real and Effective Ids There are two user and group ids : – real user id – real group id – effective user id – effective group id (everything that’s true about user IDs is also true about group IDs)

14 Effective User IDs Effective IDs are most common id which is used by the kernel. The Kernel always check for the Effective user id. For example, if a process tries to open a file, the kernel checks the effective user ID when deciding whether to let the process access the file.

15 Real User IDs The real user id is required for changing the effective user id of an already running process, here the kernel checks for the real user id and the effective user id.

16 Rules for exchanging the IDs The function used to change the user IDs for a process is setreuid. The kernel will let a process running with an effective user ID of 0(root) change its user IDs as it sees fit. A process whose effective user ID is 0 can do absolutely anything it pleases. Any other process however can do only one of the following things: – Set its effective user ID to be the same as its real user ID – Set its real user ID to be the same as its effective user ID – Swap the two user IDs

17 Setuid Programs How to become a root user if you are a non-root user ?? – $ whoami Mitchell – $ su Password….. – $ whoami Root

18 Authenticating Users Authentication is any process by which a system verifies the identity of a User who wishes to access it. Since Access Control is normally based on the identity of the User who requests access to a resource, Authentication is essential to effective Security. There is a way given out by Linux to overcome this problem through programs and that is Pluggable Authentication Module.

19 More Security Holes A security hole is a defect in a computer program that allows unauthorized users to gain access to a system or network and to interfere with its operation.

20 Buffer Overruns A buffer, in terms of a program in execution, can be thought of as a region of computer’s main memory that has certain boundaries in context with the program variable that references this memory.

21 Types of deamon Sendmail Finger Talk

22 Race Condition An execution ordering of concurrent flows that results in undesired behavior is called race condition (a software defect and frequent source of vulnerability)

23 Race Condition Properties There are three properties that are necessary for a race condition to exist: 1. Concurrency Property: There must be at least two control flows executing concurrently. 2. Shared Object Property: A shared race object must be accessed by both of the concurrent flows. 3. Change State Property: At least one of the control flows must alter the state of the race object.

24 Conclusion Designing and implementing a truly secure program is actually a difficult task on Unix-like systems such as Linux and Unix. Here are some of the key guidelines: Avoid buffer overflow: Make sure that long inputs (and long intermediate data values) can't be used to take over your program. This is the primary programmatic error at this time.

25 Structure program internals: Secure the interface, minimize privileges, make the initial configuration and defaults safe, and fail safe. Avoid race conditions (e.g., by safely opening any files in a shared directory like /tmp). Trust only trustworthy channels (e.g., most servers must not trust their clients for security checks or other sensitive data such as an item's price in a purchase). Carefully call out to other resources: Limit their values to valid values and check all system call return values.

26 References: http://www.advancedlinuxprogramming.com/alp-folder/alp- ch10-security.pdf http://www.advancedlinuxprogramming.com/alp-folder/alp- ch10-security.pdf http://www.tldp.org/HOWTO/Secure-Programs- HOWTO/conclusion.html http://www.tldp.org/HOWTO/Secure-Programs- HOWTO/conclusion.html

27 Thank You

28 Presented By:-  Jigisha Baria (4)  Shruti Chaudhari (7)  Heena Choudhary(9)  Renu Patel (19)


Download ppt "Linux Security. Authors:- Advanced Linux Programming by Mark Mitchell, Jeffrey Oldham, and Alex Samuel, of CodeSourcery LLC published by New Riders Publishing."

Similar presentations


Ads by Google