Date: Fri, 16 Feb 2007 23:01:40 +0200
Connie Sieh wrote:
>
> I did not think that the flags for Fedora Core have been made public. Do
> you have a reference to these flags?
I managed to find the URL: http://fedora.redhat.com/About/
In summary:
"Excellence: Security
Fedora is the thought and action leader in many cutting-edge Linux security initiatives.
The following security features were developed by Fedora engineers. Because all of these
security features have been pushed upstream, they are available to all Linux distributions
who choose to take advantage of them.
* Exec-Shield -- Exec-Shield attempts to flag data memory as non-executable and
program memory as non-writeable. It also randomizes the addresses where the parts of the
running program are located. This blocks most buffer overflows because system crackers
cannot predict where pieces of the executable will be in memory. Exec-Shield is for x86
systems.
* Position Independent Executables (PIE) -- Just as Exec-Shield allows for data
memory to be moved to random locations, PIE allows a programmer to make the executable
load at a different memory address each time it starts. Attackers cannot predict where the
application will start, making it very hard or impossible to exploit.
* ELF (Executable and Linkable Format) Data Hardening -- These are changes to the
file components that protect the structure of the file itself.
* SELinux -- SELinux was developed in partnership with the NSA and developers from
projects such as Gentoo and Debian. Security Enhanced Linux protects users and processes
by watching all actions on the system, from opening a file to using a socket. Users may
write their own SELinux security policies according to their risk tolerance. By default,
Fedora runs a targeted security policy that protects network daemons that have a higher
chance of being attacked. If compromised, these programs are extremely limited in the
damage they can do, even if the root account is cracked.
For example, Apache is protected in four different ways. The executable for Apache, httpd,
is protected at compile time by PIE and Exec-Shield. The executable binary file on the
system is protected by ELF hardening. Finally, SELinux policies are in place so that if
httpd is cracked, it can only append to the Apache logs and mangle content in specific
directories; it cannot roam around home directories or otherwise interact with the rest of
the system.
References:
* http://people.redhat.com/drepper/nonselsec.pdf
* http://fedora.redhat.com/docs/selinux-faq/
"
I am not sure GCC provides these features though, or they use VS or something. :-)
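
One way to check whether a given binary carries the compile- and link-time features the quoted page lists, as an added example that is not part of the original message or of Fedora's own tooling: it reads the ELF header and program headers and reports ET_DYN plus PT_INTERP (a PIE program), a PT_GNU_STACK segment without the execute flag (non-executable stack), and PT_GNU_RELRO. Treating PT_GNU_RELRO as the marker for "ELF data hardening" is an assumption made here; `elf_hardening` and `sample_elf64` are names invented for this example, and the sample inputs are constructed.

```python
import struct

ET_DYN, PT_INTERP, PF_X = 3, 3, 0x1
PT_GNU_STACK, PT_GNU_RELRO = 0x6474E551, 0x6474E552

def elf_hardening(data: bytes) -> dict:
    """Report PIE, non-executable-stack and RELRO markers of an ELF image."""
    if (len(data) < 52 or data[:4] != b"\x7fELF"
            or data[4] not in (1, 2) or data[5] not in (1, 2)):
        raise ValueError("not a recognisable ELF file")
    is64 = data[4] == 2                      # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"       # EI_DATA: 1 = little, 2 = big endian
    e_type = struct.unpack_from(end + "H", data, 16)[0]
    if is64:
        e_phoff = struct.unpack_from(end + "Q", data, 32)[0]
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 54)
    else:
        e_phoff = struct.unpack_from(end + "I", data, 28)[0]
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 42)
    segs = {}                                # p_type -> p_flags
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type = struct.unpack_from(end + "I", data, off)[0]
        # p_flags sits right after p_type in ELF64, at offset 24 in ELF32.
        flags_off = off + (4 if is64 else 24)
        segs[p_type] = struct.unpack_from(end + "I", data, flags_off)[0]
    stack = segs.get(PT_GNU_STACK)
    return {
        # ET_DYN alone also covers shared libraries; PT_INTERP marks a program.
        "pie": e_type == ET_DYN and PT_INTERP in segs,
        # No PT_GNU_STACK at all means the loader may assume an executable stack.
        "nx_stack": stack is not None and not stack & PF_X,
        "relro": PT_GNU_RELRO in segs,
    }

def sample_elf64(e_type, segments):
    """Constructed input: 64-bit little-endian ELF header plus bare program headers."""
    hdr = b"\x7fELF\x02\x01\x01" + bytes(9)
    hdr += struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0,
                       64, 56, len(segments), 0, 0, 0)
    return hdr + b"".join(struct.pack("<IIQQQQQQ", t, f, 0, 0, 0, 0, 0, 0)
                          for t, f in segments)

if __name__ == "__main__":
    hardened = sample_elf64(ET_DYN, [(PT_INTERP, 4), (PT_GNU_STACK, 6), (PT_GNU_RELRO, 4)])
    legacy = sample_elf64(2, [(PT_INTERP, 4), (PT_GNU_STACK, 7)])   # ET_EXEC, RWX stack
    print("hardened:", elf_hardening(hardened))
    print("legacy:  ", elf_hardening(legacy))
```

To run it against a real file, pass the file's bytes, for example `elf_hardening(open(path, "rb").read())`.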