Dean Anderson wrote:
> Michael Sprague wrote:
>> ...couldn't you use something like grsecurity or selinux to prevent
>> even root from doing anything bad to the network attached storage?
>
> "No, they won't help if root can't be trusted". The reason is that once
> you have kernel loader privilege, you can alter the kernel to circumvent
> whatever security has been added to it...

Your answer may be correct, but I'm not sure it is relevant in the
context of the original question.

If the original question is about providing access to a file system over
a network where the remote *clients* don't have a secure and trusted
root, then obtaining "kernel loader privilege" on the server is not
likely to happen.

Where SELinux comes into play is if you want to retain some of the
behaviors you get when you configure NFS to be cooperative with root
users on the client machines, but want finer grain control over what
those users can do. In this case you use SELinux to clamp down on what
the NFS server is capable of doing, and the clients can't bypass that
security as long as the server isn't breached.

-Tom
--
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/