DaemonForums > OpenBSD > OpenBSD Security

Unix file permissions vs chroot + systrace

#1 - e1-531g - 9th August 2015

Do you think that using Unix file permissions (DAC) is a way to provide basic process isolation? For example: the recent exploit on Firefox which can steal files from the user account. If I run Firefox under another user account, does this provide me some additional security against that kind of simple exploit?
Or should I use chroot + systrace?
#2 - ibara - 9th August 2015
If browser security is something you care about, you should seriously consider joining the Netsurf
http://www.netsurf-browser.org/
or Dillo
http://www.dillo.org/
development teams.
#3 - jggimi - 9th August 2015

Quote (originally posted by e1-531g):
> Do you think that using Unix file permissions (DAC) is a way to provide basic process isolation?
Processes are not isolated. But filesystem permission bits can be used for data access restriction. For example, you might have two userids on a workstation -- one for using untrusted browsers, and one for everything else. If you chmod(1) the $HOME directory of your "everything else" userid so that it can only be accessed by the owner, other userids (aside from the superuser) will not have access to it.
Quote:
> Or should I use chroot + systrace?
With some effort, you could use chroot(8) -- but the entire userland the browser uses would need to be replicated. This is not a trivial task.

You mention systrace(1). It should not be used as a security tool; see the BUGS section of the man page. It is a system call policy governance tool. System calls not pre-approved will cause the application to be killed. Setting up a systrace policy rule set is complicated for any application, and changes to the application may require revisiting the rules. Browsers, due to their inherent complexity, may be much more difficult than other applications.

My only use of systrace these days is during port build testing -- and that is because the Project provides a systrace.policy for port builds.

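The data-access restriction jggimi describes (a separate userid for the untrusted browser, and the "everything else" $HOME made reachable only by its owner) is easy to apply with chmod(1) and just as easy to undo by accident. The script below is an added example, not code from the thread or from the OpenBSD project: it checks that a directory's mode carries no group or other bits, and lists anything beneath it that other userids could still read. It uses only ls(1), find(1) and chmod(1), so it runs unchanged on OpenBSD and Linux; the temporary directory in the demo is constructed for illustration and the function names are my own.

```shell
#!/bin/sh
# Added example, not from the thread: verify that a home directory is
# accessible only by its owner, as jggimi's post recommends for the
# "everything else" userid when an untrusted browser runs as another user.

# Return 0 when the directory's permission bits are owner-only
# (group and other bits all cleared, i.e. drwx------ or stricter).
home_is_private() {
    dir=$1
    # ls -ld prints e.g. "drwx------  2 user  group  512 Aug  9 10:30 /home/user";
    # the first ten characters are the type and permission bits.
    mode=$(ls -ld "$dir" | cut -c1-10)
    case "$mode" in
        d???------) return 0 ;;   # no group or other permission at all
        *)          return 1 ;;
    esac
}

# Print every entry below the directory that the group or others can read.
# An empty result means nothing in the tree is exposed to other userids.
world_or_group_readable() {
    find "$1" \( -perm -g+r -o -perm -o+r \) -print
}

# Demonstration on a constructed temporary directory (not a real $HOME).
demo() {
    tmp=$(mktemp -d) || return 1
    chmod 755 "$tmp"                       # the default on many systems
    if home_is_private "$tmp"; then
        echo "unexpected: mode 755 reported as private"
    else
        echo "$tmp is readable by other userids (mode 755)"
    fi
    chmod 700 "$tmp"                       # the restriction from the post
    if home_is_private "$tmp"; then
        echo "$tmp is now owner-only (mode 700)"
    fi
    rm -rf "$tmp"
}

# Usage: . ./home_private.sh; demo
#        home_is_private "$HOME" || echo "$HOME is not owner-only"
#        world_or_group_readable "$HOME"
```

Checking $HOME alone is not enough if the browser userid can follow a path into a world-readable subdirectory, which is why the second function walks the whole tree; run it after the chmod to confirm nothing inside is still exposed.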
#4 - TronDD - 9th August 2015

Have you seen this thread on misc@?

http://marc.info/?t=141616714600001&r=1&w=2

It talks about using a separate user and SSH for isolation.

Tim.
#5 - jggimi - 10th August 2015
I'd seen it. There were problems noted using ForwardX11 under SSH (ssh -X) and that the circumvention would be to use ForwardX11Trusted (ssh -Y). That trust model eliminates SSH as an isolation tool, since the objective is to operate an untrusted application.
Tags
discretionary access control, process isolation, security