Non-interactive server administration

Submit your RBAC policies or suggest policy improvements

Moderators: spender, PaX Team

Non-interactive server administration

Postby evilangel » Thu Nov 27, 2008 12:51 pm

Hi all,

I would like to use Grsecurity RBAC model to protect some files of my servers (daemons and their config files).
However I am facing a problem.

When installing servers, we are using masters to have the same image deployed everywhere.
Then, to deploy software, we are using scripts to copy both binaries and configuration files from a master to the server.

Therefore, I need my "installation" user to by able to write files in folders like /etc.
In addition, my "installation user" shall also be able to remove some files for maintenance purpose in the same folder.
Thus, my "installation" user needs to have write access to folder such as /etc.

Is there a way to prevent an attacker that reached Root user, to switch (su) to "installation" user and modify my config files ?
In such a non-interactive administration, i don't know if it is possible to use the gr administrator profile...

Hope it was clear enough.

Thanks
evilangel
 
Posts: 59
Joined: Thu May 15, 2008 7:57 pm
Location: France

Re: Non-interactive server administration

Postby evilangel » Mon Dec 15, 2008 10:13 am

I am still wondering about the problem.
I am maybe not taking it the good way.

I could administrate my server directly using the RBAC administrator account instead of the "installation" user.

In such case, is it possible to open a SSH session under RBAC admin account ?
Or you have to log, and then "upgrade" your profile to RBAC admin account ?

Thanks
evilangel
 
Posts: 59
Joined: Thu May 15, 2008 7:57 pm
Location: France


Return to RBAC policy development

cron