Securing DNS From The Roots Up
jeffy124 writes: "This article at ComputerWorld tells the story of how ICANN would like to replace the root DNS systems with secured servers. Lars-Johan Liman, one of the root operators, spoke about the concept at ICANN's annual meeting today. He discussed how the world's current redundant DNS system is vulnerable to DDoS attacks and yet-to-be-discovered root holes in BIND that can ultimately undermine the entire Internet by taking away the name-IP mappings that are relied upon by just about everyone."
- Sun has a horrendous response time on vulnerabilities in Solaris. One study I read said that the average "exposure time" between an exploit release and a corresponding patch release was about 40-50 days. It's no wonder so many Solaris boxes get cracked, given their relative obscurity.
- Linux has such advanced features as POSIX capabilities, a working chroot() syscall that actually isolates processes, and safe privilege bridging mechanisms. Commercial UNIces have none of these. They allow Linux admins to use a much more fine-grained security model to control potentially rogue processes like BIND.
- Linux (except for SuSE) has far fewer setuid programs. On most UNIX systems, ps, whodo, netstat, xlock, and several other ridiculous programs are either setuid root or setgid kmem. Yes, even on OpenBSD. No wonder they have local root exploits so often.
- Linux has proper restrictions on signal passing. Other UNIces can be tricked into delivering malicious signals through several ioctl calls. (I have a Solaris source code license and I have seen several areas where more checking needs to be done. Sun ignores my complaints.)
Commercial UNIX operating systems do have some scalability advantages over Linux when run on big iron (64+ processor) machines. But when the integrity of the DNS system is at stake, there is no choice other than Linux.
~wally