Menu
▾
▴
Re: [Linux-ima-user] Problems using IMA
|
From: Reiner S. <sa...@us...> - 2007-07-31 13:19:00
|
Hi Till, The reason these logs are protected are that these logs include the fingerprints of all applications that run on the system. There are two ways this could be abused a) privacy: these fingerprints give away which programs the system runs, which 'could' be related back to the users assuming the 'users' control the system and not some bot... b) security: these fingerprints are valuable to attackers (also to local users) because they help determining potential application vulnerabilities and exploits; the usual race between 'us' knowing where to improve security and 'them' knowing gaining knowledge where security is low So the hope is that priviledged applications are less vulnerable and follow the system policy with regard to whom such measurement lists are exposed. The TSS stack would hopefully in the future implement access controls and policies for this purpose and be the only process accessing the measurements directly. In standard Unix we only have 'user', and 'group' to differentiate processes; so we use 'root'. In labeled systems, such as SELinux or EVM/SLIM, the TSS could get its own domain/label and access to the measurements and TPM interfaces could be restricted to this process only. Helps? Reiner __________________________________________________________ Reiner Sailer, Research Staff Member, Secure Systems Department IBM T J Watson Research Ctr, 19 Skyline Drive, Hawthorne NY 10532 Phone: 914 784 6280 (t/l 863) Fax: 914 784 6205, sa...@us... http://www.research.ibm.com/people/s/sailer/ "Till Bentz" <ti...@on...> Sent by: til...@go... 07/31/2007 04:30 AM Please respond to ti...@on... To Reiner Sailer/Watson/IBM@IBMUS cc Subject Re: [Linux-ima-user] Problems using IMA Hello Reiner, I was wondering if there are security reasons why the measurement files are only readable to root. From my understanding it should be easy to make them readable by everyone and at the moment I can't see a problem with that. I think it would make the development of applications much easier... I looked into the patch and it seems that I would only have to add a "S_IROTH" to the creation of the measurement files... Thanks for your help. On 7/31/07, Till Bentz <ti...@on...> wrote: Hi Reiner On 7/31/07, Reiner Sailer < sa...@us...> wrote: Hi, let us do some cross-checking for the configuration: - do you see NSA SELinux as an option (under security)? - do you have SHA1 enabled --y-- (in crypto options)? - do you TPM eneabled --y-- (in drivers/char)? I think I can answer all questions with yes. Tonight I can send you a copy of the config, if you are interested. Thanks. Unfortunately, it seems that dependent configs only become visible once the dependencies are resolved. If all the answers above are yes, then it is time for creating a new patch ... Let me know Reiner "Till Bentz" <ti...@on...> Sent by: lin...@li... 07/30/2007 06:00 PM Please respond to ti...@on... To lin...@li... cc Subject [Linux-ima-user] Problems using IMA Hello, I am trying to get IMA running on my T60 laptop. As far as I understood it has a TPM that is working using TPM_Tis. I have kernel 2.6.22 and ibm_ima_8.0_2.6.21.3.patch. If I apply the patch it works fine except the changes in the Makefile which seem to be applied already. My problem is now, that in my config (using make xconfig) is no option to enable IMA as stated in the Readme. Thanks for any help. -- MfG Till ********************************************** Der Benutzer ist eine nicht zu tolerierende Quelle der Unsicherheit ********************************************** ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Linux-ima-user mailing list Lin...@li... https://lists.sourceforge.net/lists/listinfo/linux-ima-user -- MfG Till ********************************************** Der Benutzer ist eine nicht zu tolerierende Quelle der Unsicherheit ********************************************** -- MfG Till ********************************************** Der Benutzer ist eine nicht zu tolerierende Quelle der Unsicherheit ********************************************** |
