From: David Smith <dsmith@redhat.com>
To: fedora-security-list@redhat.com
Cc: Systemtap List <systemtap@sources.redhat.com>
Subject: Need some security advice for systemtap
Date: Mon, 04 Jun 2007 19:34:00 -0000 [thread overview]
Message-ID: <4664691E.7010803@redhat.com> (raw)
I need some security development help (and this might be the wrong list
- if so, please point me in the right direction). I'm one of the
systemtap developers. You can see <http://sourceware.org/systemtap/>
for details, but a 2 second overview is that systemtap allows users to
write a script that probes points in the kernel. systemtap takes the
script, converts it into C, compiles the C into a kernel module, inserts
the kernel module, and displays any output from the compiled script.
When the script finishes, we remove the kernel module.
One of the complaints we get from users is that we require root access
(using sudo) to install/remove the kernel module. Large enterprise
customers typically don't give out sudo access to all admins. So, they
would like a way to designate certain scripts/modules as "blessed", and
allow admins/developers/etc. without root access to run those "blessed"
scripts/modules.
Some basic ideas about how we can allow users without sudo access to run
"blessed" scripts/modules can be seen at
<http://sources.redhat.com/bugzilla/show_bug.cgi?id=4523>,
So, I'm looking for thoughts, criticisms, pointers, etc. to do this in a
manner that won't allow a system to be easily compromised. We're in
the fairly early stages of this idea, and I'm looking for direction
before heading down the wrong road.
Thanks for the help.
--
David Smith
dsmith@redhat.com
Red Hat
http://www.redhat.com
256.217.0141 (direct)
256.837.0057 (fax)
next reply other threads:[~2007-06-04 19:34 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-06-04 19:34 David Smith [this message]
2007-06-05 8:47 ` Tomasz Chmielewski
2007-06-05 15:09 ` Frank Ch. Eigler
2007-06-05 20:40 ` David Smith
2007-06-05 17:20 ` grundy
2007-06-05 20:56 ` David Smith
2007-06-08 22:00 ` Pavel Kankovsky
2007-06-11 13:09 ` David Smith
2007-06-11 18:35 ` David Smith
2007-06-11 21:32 ` Frank Ch. Eigler
2007-06-11 22:00 ` David Smith
2007-06-16 15:35 ` Pavel Kankovsky
2007-06-18 19:45 ` David Smith
2007-06-19 0:02 ` Martin Hunt
2007-06-19 19:57 ` David Smith
2007-06-19 20:42 ` Stone, Joshua I
2007-07-01 16:14 ` Pavel Kankovsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4664691E.7010803@redhat.com \
--to=dsmith@redhat.com \
--cc=fedora-security-list@redhat.com \
--cc=systemtap@sources.redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).