Hello people (again). TSL claims to be and true it is a very secured linux distro. What about to make it a litle more secure? On most cases when a machine goes compromised is about 80% locally and not remote damage. Eg from a user who has already an account on the machine.
Searching the internet I found a tool which automatically makes Jail (chroot) enviroment for the local users. And I am wondering if this could be useful for Trustix Linux to put it in the update section or in the next TSL release like a tool or with help with a automated "useradd" script which will make "ready to run" jailed users. Any opinions on this ? Thank you Christos Panagiotakis (forgive me for my awful english) >> Introduction to Jail (taken from http://www.jmcresearch.com/projects/jail/ ) Jail Chroot Project is an attempt of write a tool that builds a chrooted environment. The main goal of Jail is to be as simple as possible, and highly portable. The most difficult step when building a chrooted environment is to set up the right libraries and files. Here, Jail comes to the rescue with a tool to automagically configures & builds all the required files, directories and libraries. Jail is licensed under the GNU General Public License. Jail program has been written using C, and the setup script has been written using a bash script and perl. Jail has been tested under Linux (Debian 2.1 & 2.2, RedHat 6.1, 6.2 and 7.0 and Caldera Openlinux 7.0), Solaris (2.6), IRIX (6.5) and FreeBSD 4.3. Some people has contributed to jail with patches and ideas. Thanks to all of them. Jail supports lots of interesting features: * Runs on Linux, Solaris, IRIX and freeBSD (tested) and should run in any of the flavours of these operating systems. * Modular design, so you can port Jail in an easy way. * Support for multiple users in a single chrooted environment. * Fully customizable user shell. * Support for multiple servers: telnetd, sshd, ftpd... * Easy to install thanks to the enviroment creation script. * Should work in any UNIX. * Ease of porting. * Allows run any kind of program as a shell. _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
