Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: UNIX - Software Restriction Policy?

  1. #1
    Member d34dl0k1's Avatar
    Join Date
    Mar 2007
    Posts
    58

    UNIX - Software Restriction Policy?

    I am looking to find an equivalent to Software Restriction Policies in Windows, for Open source distributions. Nothing platform specific, I just want to see what is out there. Does anyone know of anything similar?

    Here's the link
    http://technet.microsoft.com/en-us/l.../bb457006.aspx

    Findings would be discussed in a research paper, thanks

  2. #2
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    CHMOD.

    Only allow a certian group to read/execute it, Done.

  3. #3
    Member d34dl0k1's Avatar
    Join Date
    Mar 2007
    Posts
    58
    Unfortunately chmod wont stop a user from executing an altered binary they had +x permissions on. Also SRP can deny anything but the installation of signed and approved software. So in short... what happens when a user executes code they loaded themselves?

  4. #4
    Member d34dl0k1's Avatar
    Join Date
    Mar 2007
    Posts
    58
    found this (ironic it's on this site)
    http://antionline.com/archive/index.php/t-272351.html

    however I think SRP applies to scripts but I'm not quite sure.

  5. #5
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    If you used SPR to disable users from running scripts they wouldnt be able to run scripts. They also wont be able to install programs because they are not root.

  6. #6
    Member d34dl0k1's Avatar
    Join Date
    Mar 2007
    Posts
    58
    If you used SPR to disable users from running scripts they wouldnt be able to run scripts.
    Yes, isn't it great

    They also wont be able to install programs because they are not root.
    Yes, they could, with permission and a signed installer. It's all in the article . Or are we still talking about linux?

  7. #7
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    Yer Im talking about linux. Hmm an answer must be out there...

  8. #8
    Member d34dl0k1's Avatar
    Join Date
    Mar 2007
    Posts
    58
    school must have let out for summer. I noticed you have successfully spammed the entire front page with your posts.

  9. #9
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    Its been out :-p

  10. #10
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Quote Originally Posted by d34dl0k1
    Also SRP can deny anything but the installation of signed and approved software.
    Only root can install software.
    So in short... what happens when a user executes code they loaded themselves?
    To prevent users from installing/running software from their homedirs mount /home noexec. Might want to mount /tmp noexec too.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Similar Threads

  1. Cisco Security Advisory: Cisco Telnet Denial of Service Vulnerability
    By Spyder32 in forum Miscellaneous Security Discussions
    Replies: 1
    Last Post: May 27th, 2008, 01:17 PM
  2. HP Tru64 Unix FTP Daemon (ftpd) Remote Denial of Service (DoS)!
    By Black Cluster in forum Security News
    Replies: 0
    Last Post: September 21st, 2005, 02:03 AM
  3. UNIX (Non tech)
    By gore in forum Operating Systems
    Replies: 1
    Last Post: October 12th, 2004, 07:29 AM
  4. Any requests?
    By gore in forum Operating Systems
    Replies: 11
    Last Post: August 8th, 2004, 05:21 AM
  5. SCO flops in DaimlerChrysler Unix lawsuit
    By SDK in forum AntiOnline's General Chit Chat
    Replies: 1
    Last Post: July 21st, 2004, 10:48 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •