Re: [OT] Re: keyboard driver of 2.6 kernel

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Roberto Nibali <ratz@drugphish.ch>
To: "Leonard Milcin Jr." <leonard.milcin@post.pl>
Cc: Jan Engelhardt <jengelh@linux01.gwdg.de>, linux-kernel@vger.kernel.org
Subject: Re: [OT] Re: keyboard driver of 2.6 kernel
Date: Thu, 05 Jan 2006 13:47:42 +0100	[thread overview]
Message-ID: <43BD156E.8090601@drugphish.ch> (raw)
In-Reply-To: <43BD09F4.2090603@post.pl>

>> http://www.drugphish.ch/patches/ratz/bash/bash-3.0-fix_1439-3.diff
>>
>> But http://ttyrpld.sourceforge.net/ looks indeed interesting, however 
>> no 2.4.x support from what I can see.
>
> This can be very easily circumvented if you can execute another shell 
> (for example your own version of bash without patch).

Everything can be circumvented, but that's hardly the point of what the 
patch tries to achieve. It is/was actually a requirement for financial 
institutes, governments and ISPs running Linux-based services to comply 
to the SOX and Basel II acts. Besides, ttyrpld can also be cirumvented 
on a normal Linux distribution without special countermeasures or 
policies regarding kernel module loading. It's just a tad bit harder to do.

The cited patch has auditing and trace facilities up to the point where 
no intended malicious actions happen. It's only there to log and not to 
prevent any kind of attack.

Some of our systems for example run a highly secured Linux distribution 
(Pitbull LX, SELinux, RSBAC, and partially other compartmentalized 
environments), but some of those enhanced security systems do not 
provide sufficient logging mechanisms to comply to those new acts.

The reason I mentioned my patch is that it's non-intrusive, and this 
helps in case of a security certification, and maybe also otherwise. YMMV.

Best regards,
Roberto Nibali, ratz
-- 
echo 
'[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc

next prev parent reply	other threads:[~2006-01-05 12:46 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-01-04  8:32 keyboard driver of 2.6 kernel P.Manohar
2006-01-04  8:33 ` Arjan van de Ven
2006-01-04  9:07   ` Leonard Milcin Jr.
2006-01-04  9:23     ` Jan Engelhardt
2006-01-05 10:08       ` [OT] " Roberto Nibali
2006-01-05 11:51         ` Jan Engelhardt
2006-01-05 12:43           ` Roberto Nibali
2006-01-05 21:07             ` Nuno Monteiro
2006-01-05 23:28               ` Roberto Nibali
2006-01-06  7:01                 ` Jan Engelhardt
2006-01-06 10:28                   ` Nuno Monteiro
2006-01-05 11:58         ` Leonard Milcin Jr.
2006-01-05 12:47           ` Roberto Nibali [this message]
2006-01-04 16:25   ` Dmitry Torokhov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=43BD156E.8090601@drugphish.ch \
    --to=ratz@drugphish.ch \
    --cc=jengelh@linux01.gwdg.de \
    --cc=leonard.milcin@post.pl \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox