From: Daniel J Walsh <dwalsh@redhat.com>
To: "Fedora SELinux support list for users & developers."
<fedora-selinux-list@redhat.com>
Cc: selinux@tycho.nsa.gov, ackermal@jmu.edu
Subject: Re: SELinux Testing Software/Scripts
Date: Sat, 16 Oct 2004 10:41:06 -0400
Message-ID: <41713302.5080301@redhat.com>
In-Reply-To: <A52BEA1D8EE8634B9196A136333637B130F1@maat.darkhonor.net>

Alex Ackerman wrote:
> This may sound like an odd request, but I am currently working on my
> master’s thesis on the topic of SELinux integration into the
> workplace. Part of the analysis involves testing the security
> containment capabilities of SELinux; i.e., making sure that SELinux
> functions as advertised when dealing with events of escalating
> privilege. Does anyone on this list have any recommendations on
> scripts or programs which can test these capabilities? My test
> platforms are Fedora Core 3 (once released) and Red Hat Enterprise
> Linux v4.0 Beta 1. My current thinking would be to downgrade certain
> packages (httpd, etc) to a known vulnerable state and test, but would
> like to know how the members on the list test their systems. Any help
> would be appreciated. I can be reached at ackermal at jmu dot edu or
> alex at darkhonor dot com if you would like to discuss this off-list.
> Thank you for any assistance.
>
> Alex Ackerman
>
> James Madison University
>
I don't have any test scripts, but I think rolling back the packages to
one with a known vulnerability would work, but since one goal of a hacker
is to get a root shell, you could use runcon with a shell script to
simulate what would happen if a hacker was successful.

    runcon -t httpd_t /bin/sh

Of course I can only get this to work in permissive mode. Setting it to
enforcing kills the shell since it cannot access the tty.
Also get an error "execvp: Permission denied" in enforcing.
Dan
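
An added example, not part of the original message: in permissive mode SELinux logs the accesses that policy would have denied instead of blocking them, so the AVC records left behind by a `runcon -t httpd_t /bin/sh` session show what enforcing mode would contain. The Python sketch below summarizes such records for one domain; the log lines, inode and pid values, and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample AVC records (not taken from the thread). Real records come
# from the audit log or the kernel log, depending on the system.
SAMPLE_LOG = """\
type=AVC msg=audit(1097937666.101:41): avc:  denied  { read write } for  pid=2101 comm="sh" path="/dev/pts/1" dev="devpts" ino=3 scontext=root:system_r:httpd_t tcontext=root:object_r:devpts_t tclass=chr_file permissive=1
type=AVC msg=audit(1097937666.105:42): avc:  denied  { entrypoint } for  pid=2101 comm="runcon" path="/bin/bash" dev="hda2" ino=4711 scontext=root:system_r:httpd_t tcontext=system_u:object_r:shell_exec_t tclass=file permissive=1
type=AVC msg=audit(1097937670.310:43): avc:  denied  { read } for  pid=2101 comm="sh" name="shadow" dev="hda2" ino=9001 scontext=root:system_r:httpd_t tcontext=system_u:object_r:shadow_t tclass=file permissive=1
type=AVC msg=audit(1097937671.002:44): avc:  denied  { getattr } for  pid=2101 comm="sh" path="/dev/pts/1" dev="devpts" ino=3 scontext=root:system_r:httpd_t tcontext=root:object_r:devpts_t tclass=chr_file permissive=1
type=AVC msg=audit(1097937672.500:45): avc:  denied  { read } for  pid=880 comm="named" name="shadow" dev="hda2" ino=9001 scontext=system_u:system_r:named_t tcontext=system_u:object_r:shadow_t tclass=file permissive=1
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<scon>\S+)\s+tcontext=(?P<tcon>\S+)\s+tclass=(?P<tclass>\S+)"
    r"(?:\s+permissive=(?P<permissive>[01]))?"  # field is absent on older kernels
)

def context_type(context):
    """Return the type field of a user:role:type[:mls-range] context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None

def summarize_denials(log_text, domain):
    """Map (target type, object class) -> sorted permissions denied to `domain`."""
    denied = defaultdict(set)
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if not m or context_type(m.group("scon")) != domain:
            continue  # not an AVC denial, or raised by another domain
        key = (context_type(m.group("tcon")), m.group("tclass"))
        denied[key].update(m.group("perms").split())
    return {key: sorted(perms) for key, perms in denied.items()}

def logged_only(log_text, domain):
    """True if every denial for `domain` carries permissive=1 (logged, not enforced)."""
    hits = [m for m in map(AVC_RE.search, log_text.splitlines())
            if m and context_type(m.group("scon")) == domain]
    return bool(hits) and all(m.group("permissive") == "1" for m in hits)

if __name__ == "__main__":
    for (ttype, tclass), perms in sorted(summarize_denials(SAMPLE_LOG, "httpd_t").items()):
        print(f"httpd_t -> {ttype}:{tclass} denied {{ {' '.join(perms)} }}")
```
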