[infowar.de] NSA (and others) build super-secure Linux
First part of a three-part series
Super-Secure Linux, Inch by Inch
By Declan McCullagh and Robert Zarate
2:00 a.m. June 11, 2002 PDT
Part one of a three-part series.
WASHINGTON -- Super-secure additions to the Linux operating system are
inching closer to the mainstream.
Developers have turned Security-Enhanced Linux (SELinux), a prototype
created in part by the National Security Agency, into a module that
operates almost seamlessly on the Linux operating system.
"Even though SELinux wasn't intended as a complete secure system, we
knew that as released it could make a substantial impact to the security
of systems that incorporated it," says Grant Wagner, technical director
for NSA's Secure Systems Research Office.
It might seem a little unusual for the NSA to be working hand-in-hand
with free-software aficionados. After all, this is the agency depicted
as a clutch of inveterate snoops in the movie Enemy of the State, not to
mention a top contender for the highest number of "Big Brother" awards.
But to the NSA, there's no disconnect. In addition to codebreaking,
the NSA is responsible for keeping the U.S. government's secrets secure
-- in other words, codemaking.
In the finest military-ese, that task is handled by the NSA
Information Assurance Directorate, which also works on such mundane
tasks as sounding an unclassified warning in April about macro viruses,
e-mail worms and other problems infesting Microsoft applications.
When the NSA announced SELinux last year, its goal was to show it was
possible to bolster a mainstream operating system with extra security
features like "mandatory access controls."
Such controls verify information that the user generally cannot
control, such as IP address. Most operating systems use the more
conventional "discretionary access controls" method, which validates
only credentials given to them at the discretion of the user -- such as
the typical user name and password.
Translation: It becomes more difficult to impersonate someone.
NSA's Wagner says that SELinux's adoption rate "has exceeded our
original expectations. This release has also caused developers of
non-Linux systems to consider incorporating similar controls based upon
our earlier prototypes."
The decision to make SELinux into an add-on for Linux was motivated by
the Linux Security Modules Project. This project attempted to invent a
general way to add security modules.
"We have had reports of successful deployments in both the public and
private sectors," Wagner said. "These reports indicate that SELinux is
very effective and has countered actual attacks mounted against
Wagner refused to answer questions about specific government agencies
that were using SELinux.
Much of the work on SELinux is being done by volunteer programmers,
such as those on the SELinux mailing list, a small but growing community
Mark Westerman, a senior consultant at Westcam and a member of the
list, said his company uses SELinux for work it does for NASA through a
contract with Lockheed Martin.
"I use SELinux primarily for its security aspects. SELinux gave us
proper security to thwart hackers," Westerman said. "The major advantage
is mandatory access control. As a platform, specifically for Internet
services, I see it will be used for Web servers and DNS servers. You're
not as worried about the latest vulnerability."
Westerman began using SELinux when an early version was released in
January 2001. "We were working on this multiple security project and
using another mechanism to secure the Linux operating system," he said.
"We needed a host operating system that we could secure significantly to
attach a system to multiple security levels. SELinux was that system."
Shaun Savage, a Linux security developer, turned to SELinux because
"I wanted to use secure Linux because the projects I work on require
ultra-security, and it's better supported," Savage said. "The NSA is
behind it and they have more money."
"In my opinion, most servers should have SELinux on them because if
any exploits are found -- or even if you don't know about (problems) --
it protects the system because it limits access," Savage said.
One downside is that even for experienced security gurus, SELinux can
Savage says: "Unless you know security, it's very difficult. Unless
you've ever worked in multi-level security, I'd say don't even attempt
to incorporate because of the terminology it uses. To most people it's
gobbledygook. Most people can't understand it. If you don't know about
security, it's not a good thing to learn."
A Red Hat version of SELinux is available at sourceforge.net.
Open-source software is a generic term applied to programs for which
the source code is available -- but it may still cost money. Free
software is a subset of open-source software and generally means that
the software is available for use at no cost, subject to license
agreements like the GNU General Public License. The Linux operating
system, sometimes called the GNU Linux operating system, is free