On Thursday 03 April 2003 10:42, Andre John Cruz wrote: > Pong said: > > unfortunately, the stock linux kernel has still no built-in measures to > > power down the all-powerful root in a usable state or protect the > > memory pages (stack, heap, data) against buffer overflows, to do > > mandatory access controls at the file, network and process levels, and > > to limit direct memory/disk access. that's why it helps alot in the > > real world to go the extra mile in installing kernel-intrusive security > > patches. > > well I guess you can use software like LIDS to limit the root user so it's > not "all-powerful"
I Agree! i've got a glimpse of LIDS's capabilities and it's really amazing. Imagine if root can't delete a certain file, whether it's a configuration file or a binary file. How about hiding your /etc/passwd file or your whole /etc directory with only the programs accessing it which has access through it. Imagine also if you can hide a certain process/es and even if you're root you cannot view it. And many more! ;) -- -JhAzEr- Slackware Linux 9.0 Kernel 2.4.20-ext3 Phoenix 04012003 Nightly Build Gimp 1.3.12 (Unstable) Checkinstall 1.5.3 Smart Boot Manager 3.7 Video Lan Client 0.5.2 KMail 1.5 _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
