Systems Security

PostgreSQL 9.1 Released

/*
Among the many new features, here's a snippet from the News page:
*/

Advancing the State of the Art
Our community of contributors innovates with cutting-edge features. Version 9.1 includes several which are new to the database industry, such as:

K-Nearest-Neighbor Indexing: index on "distance" for faster location and text-search queries

Serializable Snapshot Isolation: keeps concurrent transactions consistent without blocking, using "true serializability"

Writeable Common Table Expressions: execute complex multi-stage data updates in a single query

Security-Enhanced Postgres: deploy military-grade security and Mandatory Access Control

/*
The SE-Postgres looks to be particularly interesting. It allows you to use SELinux Mandatory Access Controls on the PostgreSQL users and data. Neat. Particularly the SECURITY LABEL.
*/

/*
Beware, however, that there are some incompatibilities with previous releases!

From the 9.1 Release Notes:
*/

Change the default value of standard_conforming_strings to on (Robert Haas)

By default, backslashes are now ordinary characters in string literals, not escape characters. This change removes a long-standing incompatibility with the SQL standard. escape_string_warning has produced warnings about this usage for years. E'' strings are the proper way to embed backslash escapes in strings and are unaffected by this change.

/*
Also from the Release Notes, it mentions the addition of synchronous replication.
*/

PostgreSQL streaming replication is asynchronous by default. If the primary server crashes then some transactions that were committed may not have been replicated to the standby server, causing data loss. The amount of data loss is proportional to the replication delay at the time of failover.

Synchronous replication offers the ability to confirm that all changes made by a transaction have been transferred to one synchronous standby server. This extends the standard level of durability offered by a transaction commit. This level of protection is referred to as 2-safe replication in computer science theory.

When requesting synchronous replication, each commit of a write transaction will wait until confirmation is received that the commit has been written to the transaction log on disk of both the primary and standby server. The only possibility that data can be lost is if both the primary and the standby suffer crashes at the same time. [...] ...it also necessarily increases the response time for the requesting transaction. The minimum wait time is the roundtrip time between primary to standby.

/*
There's also a What's New in PostgreSQL 9.1 wiki page that explains much of these new features in detail.
*/

Ubuntu SecurityTeam/Roadmap/KernelHardening

There are several kernel hardening features that have appeared in other hardened operating systems that would improve the security of Ubuntu, and Linux in general. They have been controversial, so this page attempts to describe them, including their controversy and discussion over the years, so as much information is available to make an educated decision about potential implementations.

/*
This page describes various means of securing the Linux kernel on Ubuntu Linux systems. This includes symlink protection; ptrace protection; and NX emulation, among others.
*/

Anatomy of Security-Enhanced Linux

Linux has been described as one of the most secure operating systems available, but the National Security Agency (NSA) has taken Linux to the next level with the introduction of Security-Enhanced Linux (SELinux). SELinux takes the existing GNU/Linux operating system and extends it with kernel and user-space modifications to make it bullet-proof. If you're running a 2.6 kernel today, you might be surprised to know that you're using SELinux right now! This article explores the ideas behind SELinux and how it's implemented.

/*
As expected, another great article from IBM's DeveloperWorks. I read and post so many of these, I've decided to create a category for them!
*/

SELinux in Ubuntu 8.04 "Hardy Heron"

I’m really happy to announce that SELinux is now available in Ubuntu 8.04 “Hardy Heron”. This is the result of the amazing work of the ubuntu-security and ubuntu-hardened teams, as well as the huge contributions from the folks at Tresys. (note: SELinux will not be the default, but is available as a security option.)

/*
I'm really happy to read that SELinux is now available in Ubuntu 8.04! It is mutually exclusive with AppArmor, but this now gives us two options for Mandatory Access Control.
*/

Wikipedia Articles in Regards to Various Types of Exploits

/*
First, there is the Wiki page detailing exactly what an exploit is. This is a very good read and should acquaint anyone with what an exploit is and can be capable of.

Second, there are Wiki pages detailing several types of exploits and detailed information as to how they work. Below, you'll find some great examples of exploits ranging from low-risk web browser information disclosure on up to full system-level compromises.

• Buffer Overflow
  
• Heap Overflow
  
• Stack Buffer Overflow
  
• Integer Overflow
  
• Return-to-libc Attack
  
• Format String Attack
  
• Race Condition
  
• Code Injection
  
• SQL Injection
  
• Cross-Site Scripting (XSS)
  
• Cross-Site Request Forgery (CSRF)
  

Some of these methods were even new to me. The Sea-Surf (CSRF - Cross-Site Request Forgery) method is something I had at least considered as possible, but I had no idea that the method had a name and was actively in use in-the-wild.

Some of these methods require some social engineering to trick the end-user (target) into activating the payload; whereas others require no interaction by the target, and they are often unaware that they have been or are being compromised.

There are many other interesting documents covering everything from shellcode to polymorphic code to a NOP (Null OPeration) to NOP Sleds.

Happy hacking!
*/

A Step-by-Step Guide to Building a New SELinux Policy Module

/*
While this article looks to be RedHat specific, it appears that most of the tools used are platform-independent. This should certainly be of use, especially in combination with the Debian howto.
*/

SELinux - Debian Wiki

/*
Wiki-style documentation for start-to-finish SELinux implementation on Debian Linux. Nice.
*/

What’s New in SELinux for Red Hat Enterprise Linux 5?

In Red Hat Enterprise Linux 4, 15 services in system space had confined SELinux domains defined. In Red Hat Enterprise Linux 5, over 200 processes are confined by SELinux. The improved SELinux policy is much more precise in how it governs the operation of these services. It’s far less likely that a Red Hat Enterprise Linux 5 system space process will be compromised or encounter an error caused by an SELinux policy not handling the specific requirements (e.g., file or directory access) of a service.

/*
This is just a small snippet from the article, which I have not had time to read in it's entirety. Not a huge fan of RH software, but credit is given where credit is due.
*/

Comparing the Multilevel Security Policies of the Solaris Trusted Extensions and Red Hat Enterprise Linux Systems

/*
While I've not had a chance to read all of this article yet, it appears to go fairly in-depth with the Mandatory Access Controls available to both Solaris and Linux. Keep in mind that this is hosted on sun.com, so it's probably a little biased. ;)
*/

SELinux Policy Editor 2.0 Released

/*
This looks like a great GUI-based SELinux configuration editor. Looks to be based on the Qt libraries, which means it's a KDE application.

Screenshots are available of the Domain Manager, Policy Editor, Policy Generator, and Status Viewer.

Documentation and downloads are available at their respective hyperlinks.
*/