Re: Boost OpenBSD security - Zophie for 3.9
Tomasz Zielinski wrote: Hello, Zophie is patch that contains new security features for OpenBSD 3.9. BSD license. I have not tested it personaly, but probably it's worth to analyze it and maybe even incorporate. More info: http://www.0penbsd.com/zophie.html, http://akcja.0penbsd.com/zosia/ Anyone know why this patch implement another sysctl instead of adding a security level specificaly for process privacy. Less specificaly, seurity levels could be patched to permit a mask based implementation in order to mix features from differents security levels, just an idea... Best regards, Francois
Re: Boost OpenBSD security - Zophie for 3.9
2006/7/2, Tomasz Zielinski [EMAIL PROTECTED]: Hello, Zophie is patch that contains new security features for OpenBSD 3.9. BSD license. I have not tested it personaly, but probably it's worth to analyze it and maybe even incorporate. More info: http://www.0penbsd.com/zophie.html, http://akcja.0penbsd.com/zosia/ Development cycle of OpenBSD4.0 support starts tomorrow and will be finished when 4.1 releases?
Re: Boost OpenBSD security - Zophie for 3.9
Wijnand Wiersma wrote: Development cycle of OpenBSD4.0 support starts tomorrow and will be finished when 4.1 releases? Sure, why not. -- [100~Plax]sb16i0A2172656B63616820636420726568746F6E61207473754A[dZ1!=b]salax
Re: Boost OpenBSD security - Zophie for 3.9
At 07:18 2006-07-03, you wrote: On 7/2/06, Marcin Wilk [EMAIL PROTECTED] wrote: At 22:35 2006-07-02, you wrote: On Sun, Jul 02, 2006 at 12:20:49PM -0700, Greg Thomas wrote: On 7/2/06, Tobias Ulmer [EMAIL PROTECTED] wrote: On Sun, Jul 02, 2006 at 03:13:59PM +0200, Tomasz Zielinski wrote: Hello, Zophie is patch that contains new security features for OpenBSD 3.9. BSD license. I have not tested it personaly, but probably it's worth to analyze it and maybe even incorporate. More info: http://www.0penbsd.com/zophie.html, http://akcja.0penbsd.com/zosia/ I normally don't take the bait, but this one is so cute... After reading through the diffs: (not supplied for added obfusication?) - add a new sysctl to the kernel. - patch some userland tools. - If this sysctl is set, supress certain information. Rocket sience! Even the dumbest scriptkiddie could just compile and run these tools from the original OpenBSD sources. Probably the whole Polish Underground Group profess OpenBSD OS as a religion is a big subtle joke? If so, well done and thanks for the good laugh :) If it is a subtle joke I sure like the screenshots of the install. However, note that the page is quite frank about what is being done, from the web page quoted above: - kern.zophie.privacy This setting is responsible for process privacy in finger, last, netstat, ps, users, w, and who. Value 1 turns on this feature. This, obviously, still doesn't make it very useful (if only because, even after you've mounted everything noexec, you still have top, and so on and so forth) - but the above should be enough to arouse suspicion. Joachim Process privacy itself is done in kernel so top other tools (like lsof for example) will not work. Ps, users, w who are pathed to not show other users that are in this is independent with process privacy. You may find OpenBSD that is on screenshots here: http://nicram.sytes.net/openbsd/openbsd-3.9-i386-zophie.iso It is extactly same OpenBSD. yes it is very easy to make it on Your own :) This is how KISS apps should be made, even when they change something in kernel :) Best Regards Do I understand correctly I could just cvs co usr/bin/who and use the official who and see who is online? Yes because only process privacy is done in kernel.
Re: Boost OpenBSD security - Zophie for 3.9
On Mon, 03 Jul 2006 12:47:40 +0200 Marcin Wilk [EMAIL PROTECTED] wrote: Do I understand correctly I could just cvs co usr/bin/who and use the official who and see who is online? Yes because only process privacy is done in kernel. What's the point ?
Boost OpenBSD security - Zophie for 3.9
Hello, Zophie is patch that contains new security features for OpenBSD 3.9. BSD license. I have not tested it personaly, but probably it's worth to analyze it and maybe even incorporate. More info: http://www.0penbsd.com/zophie.html, http://akcja.0penbsd.com/zosia/ -- Pozdrawienia/Regards Tomasz Zielinski 5 sierpnia o6 CESARIA EVORA w Gdyni. Koncert z morzem w tle w ramach festiwalu GLOBALTICA! Spotkania Kultur wiata! http://klik.wp.pl/?adr=http%3A%2F%2Fadv.reklama.wp.pl%2Fas%2Fcesaria.htmlsid=805
Re: Boost OpenBSD security - Zophie for 3.9
On Sun, Jul 02, 2006 at 03:13:59PM +0200, Tomasz Zielinski wrote: Hello, Zophie is patch that contains new security features for OpenBSD 3.9. BSD license. I have not tested it personaly, but probably it's worth to analyze it and maybe even incorporate. More info: http://www.0penbsd.com/zophie.html, http://akcja.0penbsd.com/zosia/ -- Pozdrawienia/Regards Tomasz Zielinski I normally don't take the bait, but this one is so cute... After reading through the diffs: (not supplied for added obfusication?) - add a new sysctl to the kernel. - patch some userland tools. - If this sysctl is set, supress certain information. Rocket sience! Even the dumbest scriptkiddie could just compile and run these tools from the original OpenBSD sources. Probably the whole Polish Underground Group profess OpenBSD OS as a religion is a big subtle joke? If so, well done and thanks for the good laugh :) Tobias
Re: Boost OpenBSD security - Zophie for 3.9
On 7/2/06, Tobias Ulmer [EMAIL PROTECTED] wrote: On Sun, Jul 02, 2006 at 03:13:59PM +0200, Tomasz Zielinski wrote: Hello, Zophie is patch that contains new security features for OpenBSD 3.9. BSD license. I have not tested it personaly, but probably it's worth to analyze it and maybe even incorporate. More info: http://www.0penbsd.com/zophie.html, http://akcja.0penbsd.com/zosia/ -- Pozdrawienia/Regards Tomasz Zielinski I normally don't take the bait, but this one is so cute... After reading through the diffs: (not supplied for added obfusication?) - add a new sysctl to the kernel. - patch some userland tools. - If this sysctl is set, supress certain information. Rocket sience! Even the dumbest scriptkiddie could just compile and run these tools from the original OpenBSD sources. Probably the whole Polish Underground Group profess OpenBSD OS as a religion is a big subtle joke? If so, well done and thanks for the good laugh :) If it is a subtle joke I sure like the screenshots of the install.
Re: Boost OpenBSD security - Zophie for 3.9
On Sun, Jul 02, 2006 at 12:20:49PM -0700, Greg Thomas wrote: On 7/2/06, Tobias Ulmer [EMAIL PROTECTED] wrote: On Sun, Jul 02, 2006 at 03:13:59PM +0200, Tomasz Zielinski wrote: Hello, Zophie is patch that contains new security features for OpenBSD 3.9. BSD license. I have not tested it personaly, but probably it's worth to analyze it and maybe even incorporate. More info: http://www.0penbsd.com/zophie.html, http://akcja.0penbsd.com/zosia/ I normally don't take the bait, but this one is so cute... After reading through the diffs: (not supplied for added obfusication?) - add a new sysctl to the kernel. - patch some userland tools. - If this sysctl is set, supress certain information. Rocket sience! Even the dumbest scriptkiddie could just compile and run these tools from the original OpenBSD sources. Probably the whole Polish Underground Group profess OpenBSD OS as a religion is a big subtle joke? If so, well done and thanks for the good laugh :) If it is a subtle joke I sure like the screenshots of the install. However, note that the page is quite frank about what is being done, from the web page quoted above: - kern.zophie.privacy This setting is responsible for process privacy in finger, last, netstat, ps, users, w, and who. Value 1 turns on this feature. This, obviously, still doesn't make it very useful (if only because, even after you've mounted everything noexec, you still have top, and so on and so forth) - but the above should be enough to arouse suspicion. Joachim
Re: Boost OpenBSD security - Zophie for 3.9
At 22:35 2006-07-02, you wrote: On Sun, Jul 02, 2006 at 12:20:49PM -0700, Greg Thomas wrote: On 7/2/06, Tobias Ulmer [EMAIL PROTECTED] wrote: On Sun, Jul 02, 2006 at 03:13:59PM +0200, Tomasz Zielinski wrote: Hello, Zophie is patch that contains new security features for OpenBSD 3.9. BSD license. I have not tested it personaly, but probably it's worth to analyze it and maybe even incorporate. More info: http://www.0penbsd.com/zophie.html, http://akcja.0penbsd.com/zosia/ I normally don't take the bait, but this one is so cute... After reading through the diffs: (not supplied for added obfusication?) - add a new sysctl to the kernel. - patch some userland tools. - If this sysctl is set, supress certain information. Rocket sience! Even the dumbest scriptkiddie could just compile and run these tools from the original OpenBSD sources. Probably the whole Polish Underground Group profess OpenBSD OS as a religion is a big subtle joke? If so, well done and thanks for the good laugh :) If it is a subtle joke I sure like the screenshots of the install. However, note that the page is quite frank about what is being done, from the web page quoted above: - kern.zophie.privacy This setting is responsible for process privacy in finger, last, netstat, ps, users, w, and who. Value 1 turns on this feature. This, obviously, still doesn't make it very useful (if only because, even after you've mounted everything noexec, you still have top, and so on and so forth) - but the above should be enough to arouse suspicion. Joachim Process privacy itself is done in kernel so top other tools (like lsof for example) will not work. Ps, users, w who are pathed to not show other users that are in this is independent with process privacy. You may find OpenBSD that is on screenshots here: http://nicram.sytes.net/openbsd/openbsd-3.9-i386-zophie.iso It is extactly same OpenBSD. yes it is very easy to make it on Your own :) This is how KISS apps should be made, even when they change something in kernel :) Best Regards
