SELinux Testing Software/Scripts
Daniel J Walsh
dwalsh at redhat.com
Sat Oct 16 14:41:06 UTC 2004
Alex Ackerman wrote:
> This may sound like an odd request, but I am currently working on my
> master’s thesis on the topic of SELinux integration into the
> workplace. Part of the analysis involves testing the security
> containment capabilities of SELinux; i.e., making sure that SELinux
> functions as advertised when dealing with events of escalating
> privilege. Does anyone on this list have any recommendations on
> scripts or programs which can test these capabilities? My test
> platforms are Fedora Core 3 (once released) and Red Hat Enterprise
> Linux v4.0 Beta 1. My current thinking would be to downgrade certain
> packages (httpd, etc) to a known vulnerable state and test, but would
> like to know how the members on the list test their systems. Any help
> would be appreciated. I can be reached at ackermal at jmu dot edu or
> alex at darkhonor dot com if you would like to discuss this off-list.
> Thank you for any assistance.
>
> Alex Ackerman
>
> James Madison University
>
I don't have any test scripts but I think rolling back the packages to
one with a known vulnerability would work, but since one goal of a hacker
is to get a root shell, you could use runcon with a shell script to
simulate what would happen if a hacker was successful.
runcon -t httpd_t /bin/sh
Of course I can only get this to work in permissive mode. Setting it to
enforcing kills the shell since it can not access the tty.
Also get an error "execvp: Permission denied" in enforcing.
Dan
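
An added example, not part of the original message or of any SELinux tooling: after a containment test such as the `runcon -t httpd_t /bin/sh` run above, the AVC denials logged for `httpd_t` show what the policy blocked. The function names, the sample records and the types in them are constructed for illustration and are not what any particular policy will log.

```shell
#!/bin/sh
# Added example: summarise SELinux AVC denials for one source domain.

# Constructed sample audit records (not captured from a real system).
sample_records() {
    cat <<'EOF'
type=AVC msg=audit(1097937666.101:41): avc:  denied  { read write } for  pid=2345 comm="sh" name="0" dev=devpts ino=2 scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:user_devpts_t tclass=chr_file
type=AVC msg=audit(1097937666.102:42): avc:  denied  { read write } for  pid=2345 comm="sh" name="0" dev=devpts ino=2 scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:user_devpts_t tclass=chr_file
type=AVC msg=audit(1097937670.300:43): avc:  denied  { entrypoint } for  pid=2350 comm="runcon" name="sh" dev=hda2 ino=4711 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:shell_exec_t tclass=file
type=AVC msg=audit(1097937671.010:44): avc:  granted  { setenforce } for  pid=2360 comm="setenforce" scontext=root:system_r:unconfined_t tcontext=system_u:object_r:security_t tclass=security
type=AVC msg=audit(1097937672.500:45): avc:  denied  { read } for  pid=2400 comm="named" name="named.conf" dev=hda2 ino=9001 scontext=system_u:system_r:named_t tcontext=system_u:object_r:etc_t tclass=file
EOF
}

# avc_denials_for_type TYPE
# Reads audit records on stdin and prints one line per distinct denial
# made against source domain TYPE: "<count> <tclass> <perms> <target type>".
avc_denials_for_type() {
    awk -v want="$1" '
    /avc: +denied / {
        perms = ""; stype = ""; ttype = ""; tclass = ""; inperm = 0
        for (i = 1; i <= NF; i++) {
            if ($i == "{") { inperm = 1; continue }
            if ($i == "}") { inperm = 0; continue }
            # Tokens between the braces are the denied permissions.
            if (inperm) { perms = perms (perms == "" ? "" : ",") $i; continue }
            # Contexts are user:role:type[:level]; the third field is the type.
            if ($i ~ /^scontext=/) { split(substr($i, 10), s, ":"); stype = s[3] }
            if ($i ~ /^tcontext=/) { split(substr($i, 10), t, ":"); ttype = t[3] }
            if ($i ~ /^tclass=/)   { tclass = substr($i, 8) }
        }
        # Granted records and other domains are ignored.
        if (stype == want) count[tclass " " perms " " ttype]++
    }
    END { for (k in count) print count[k], k }
    ' | sort
}

# Demonstration on the constructed records above.
sample_records | avc_denials_for_type httpd_t
```

On a live system the same function can be fed real records instead of the sample, for instance the output of `ausearch -m avc -ts recent` where the audit daemon is in use.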