Re: [linux-security] Re: Re: Re: Re: Re: Bind Overrun Bug and Linux (fwd)

[Jon Lewis <jlewis inorganic5 fdt net>]

On Sun, 24 May 1998, Shaun wrote:

> I thought securelevel was not properly enforced in any development or
> stable kernel.  I know there have been patches put out, Phrack included
> one in it's most recent issue.  Also, didn't Solar Designer include one in
> his secure-linux set?

Are there security concious admins not using Solar's secure-linux?  It
would be really nice if we could get this into the stock kernel...but I
suspect we'd be hit with the "no new features" argument for 2.0.x.
Merging his 2.0.33 patch into 2.0.34pre15 took some work as many of the
bugfix parts had gotten fixed in the kernel and patch rejected them.

> It would be nice if linux just had a working securelevel system, it is
> pointless using chattr to change flags on system files, as anyone with
> root can just change them back.  This demeans the whole idea of having to

If they know how :).  Many hackers don't know jack.  They just have
rootkit and a bag-o-sploits to try.

BTW...drifting back to the original topic....as of bind 8.1.2, it's really
easy to run bind as !root.  I'm running it on a few systems now as user
named.
 
------------------------------------------------------------------
 Jon Lewis <jlewis fdt net>  |  Spammers will be winnuked or 
 Network Administrator       |  drawn and quartered...whichever
 Florida Digital Turnpike    |  is more convenient.
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____