Re: Setting loginuid for a process starting at boot

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Steve Grubb <sgrubb@redhat.com>
To: Maupertuis Philippe <philippe.maupertuis@worldline.com>
Cc: "linux-audit@redhat.com" <linux-audit@redhat.com>
Subject: Re: Setting loginuid for a process starting at boot
Date: Mon, 13 Jan 2014 17:05:35 -0500	[thread overview]
Message-ID: <2073409.YWMcLiFAGF@x2> (raw)
In-Reply-To: <A35547AE65CDA84F93D4012BDFB5D5553DBFB1CABB@FRVDX100.fr01.awl.atosorigin.net>

On Monday, January 13, 2014 10:17:43 PM Maupertuis Philippe wrote:
> The process listens on a network port. It receives custom commands that are
> executed on the server. Only one remote host can communicate with the host,
> the user identifies himself on the remote host only. The goal is to allow
> the user to run  the same scripts  on a  lot of server in one command.

OK, then it sounds like you have an entry point daemon and it should be 
setting the loginuid.


> Please don't tell me it's silly or insecure or that softwares exist to do
> that in a secure  way. I would like to be able to at least monitor what
> happend throughthis channel. That means the listening process and all its
> childs where the valuable changes to the system are made. It's why I was
> thinking of setting a dedicated loginuid.
> 
> Maybe, eventually it would turn in a PAM-aware application with a proper
> user authentication and my problems will be solved.
> 
> If a simple echo does the trick what is the use of audit_setloginuid or
> pam_loginuid ? 

They hide the implementation details in case it changes someday.

>Any root script can defeat audit with a single command.

There are restrictions (fs/proc/base.c). You can only set the loginuid on 
yourself.

> I am gobsmacked !
> I hope I missed something.

And besides, any root process can run auditctl -e 0 and disable the audit 
system (unless it was marked immutable).

-Steve

next prev parent reply	other threads:[~2014-01-13 22:05 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-01-12 22:00 Setting loginuid for a process starting at boot Maupertuis Philippe
2014-01-13 20:12 ` Eric Paris
2014-01-13 20:16   ` Steve Grubb
2014-01-13 21:17     ` RE : " Maupertuis Philippe
2014-01-13 22:05       ` Steve Grubb [this message]
2014-01-14 13:13         ` Maupertuis Philippe
2014-01-14 14:33           ` Steve Grubb
2014-01-14 15:55             ` Maupertuis Philippe
2014-01-14 16:15               ` Steve Grubb

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2073409.YWMcLiFAGF@x2 \
    --to=sgrubb@redhat.com \
    --cc=linux-audit@redhat.com \
    --cc=philippe.maupertuis@worldline.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.