LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-01-2013, 06:48 AM   #1
subi211
LQ Newbie
 
Registered: Nov 2010
Distribution: Xubuntu 12.04
Posts: 9

Rep: Reputation: 0
Whitelisting programs without relying on execute permissions


I'm setting up a coin-op terminal in a bar to run some games. The way I've been doing it is to install command-line Ubuntu, then a bare-minimum X install. The machine auto logs on using mingetty, then runs X with my game executable.

Recent events require me to implement some kind of program whitelist, so that it's impossible for the normal user to run any other programs other than those required for logon and the games.

The obvious thing to do is to remove execute permissions for everything for normal users. However, the list of programs that the games DO require includes mount (for updates and dumping stats and accounting info to a USB stick) meaning that any program could be run from an attacker's USB stick.

One possible method I thought of to prevent arbitrary mount use would be to use a copy of the mount source code in my own program, but I think that might cause GPL issues.

So, is there any method I can use to prevent program execution without relying on the execute permissions? Ideally I'd like some method using a checksum to prevent an attacker renaming their program to the same name as one of mine.
 
Old 11-01-2013, 07:04 AM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.6, Centos 5.10
Posts: 16,324

Rep: Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041
Simplest is to put it in a lockbox, so only the screen & controls are reachable.
Any time you leave a port physically exposed, you're asking for trouble, especially if they can reach the power button/plug.
 
Old 11-01-2013, 08:14 AM   #3
subi211
LQ Newbie
 
Registered: Nov 2010
Distribution: Xubuntu 12.04
Posts: 9

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by chrism01 View Post
Simplest is to put it in a lockbox, so only the screen & controls are reachable.
Any time you leave a port physically exposed, you're asking for trouble, especially if they can reach the power button/plug.
I agree 100%, but unfortunately I can't do that. The inside of the machine has to be accessible for emptying the cashbox, and I need to be able to ask anyone with a key to the machine to do an update or data dump via USB (they would DL the update from my FTP server, put it on a stick and then apply it themselves).

This hasn't been a problem so far, but if I want to get bigger and start putting more machines out, then because it's a coin-op I have to follow certain rules, and this is one of them. Believe me, I've already had the "This is pointless, I could get round it by doing XXX" conversation with the authorities.

In additional horrible news, I've just discovered that the driver functions provided by the hardware manufacturer (for the controls) require any program using them to be launched with root access, so I can't even feasibly use the remove-execute-permissions method.
EDIT: Managed to get around this last issue by using /etc/rc.local, so not an immediate problem.

Last edited by subi211; 11-01-2013 at 09:34 AM.
 
Old 11-01-2013, 11:15 AM   #4
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian
Posts: 2,541

Rep: Reputation: 878Reputation: 878Reputation: 878Reputation: 878Reputation: 878Reputation: 878Reputation: 878
Quote:
The obvious thing to do is to remove execute permissions for everything for normal users. However, the list of programs that the games DO require includes mount (for updates and dumping stats and accounting info to a USB stick) meaning that any program could be run from an attacker's USB stick.
You could remove execute permissions for everything and then whitelist just the programs you want using sudo. It also has some options for checksums, I think.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
relation between programs permissions and permissions of the files they use rblampain Linux - Security 1 07-10-2011 09:40 PM
Lots of compile errors with various X11-relying programs mkoco Slackware 1 02-01-2010 12:02 AM
Execute Programs: Analysis Linux - Desktop 4 06-13-2007 06:19 PM
can xmodmap be used to execute programs? vexer Linux - General 1 10-02-2004 07:26 PM
relying to email using postfix zeagle Linux - Newbie 1 09-14-2004 06:47 PM


All times are GMT -5. The time now is 10:20 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration