0sec06 - 1.0
0sec 2006
a private security event for friends
| Speakers | |
|---|---|
| Rob Holland | |

| Schedule | |
|---|---|
| Day | 2 |
| Room | Talk |
| Start time | 13:00 |
| Duration | 01:00 |

| Info | |
|---|---|
| ID | 22 |
| Type | Lecture |
| Track | Talks |
| Language | English |
Reducing root code paths
The talk presents an alternative to the existing requirements to run daemons as root and unwieldy use of the setuid bit.
It will cover existing ways to avoid the requirement for root for the majority of the code paths in an application, alongside clean extensions to the Linux and BSD kernels to improve current Privilege Separation techniques. Use of the proposed solution prevents an attacker from recovering root via setuid(0) and SAVED_IDS.
Code running as root can be reduced to a small validation "gatekeeper" which can be more easily audited and secured against attack than the current method of dropping then restoring root via setuid().
The extensions use the existing 'cmsg' socket infrastructure for exchanging and validating credentials, patching in the ability to elevate privileges, providing a safe equivalent to setuid() via Unix Domain Sockets.