Slashdot Mirror


Trusted Debian v1.0 Released

Peter Busser writes "The Trusted Debian project releases its first official release, v1.0. Its main focus is solving most (but unlikely all) buffer overflow problems. It features PaX, a kernel patch which does several things. It tries to keep code and data apart, it randomizes stack, code, heap and shared libraries, it does strict mprotect() checking and it also protects the kernel. Trusted Debian also uses the stack protector patch for GCC developed by Hiroaki Etoh at IBM, which adds overflow checks to C/C++ code. It also features FreeS/WAN and RSBAC, an extensive access control framework. More information is available from the website. There is also a demonstration available for the special capabilities of this release."
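An added example, not part of the original submission or of the Trusted Debian project: one way to check from user space whether code and data are kept apart is to look for mappings that are both writable and executable in the Linux `/proc/<pid>/maps` format. The sample maps text and the function names `line_is_wx` and `count_wx` are constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format (not captured from a real system). */
static const char SAMPLE_MAPS[] =
    "08048000-0804c000 r-xp 00000000 03:01 1234 /bin/demo\n"
    "0804c000-0804d000 rw-p 00004000 03:01 1234 /bin/demo\n"
    "0804d000-0806e000 rwxp 00000000 00:00 0 [heap]\n"
    "b7e00000-b7f40000 r-xp 00000000 03:01 5678 /lib/libc.so.6\n"
    "bffdf000-c0000000 rwxp 00000000 00:00 0 [stack]\n";

/* Returns 1 if the line is a writable+executable mapping, 0 if not, -1 if unparsable. */
int line_is_wx(const char *line)
{
    unsigned long start, end;
    char perms[5];

    if (sscanf(line, "%lx-%lx %4s", &start, &end, perms) != 3 || strlen(perms) != 4)
        return -1;
    return perms[1] == 'w' && perms[2] == 'x';
}

/* Counts writable+executable mappings in a maps text; returns -1 on a malformed line. */
int count_wx(const char *maps)
{
    int count = 0;

    while (*maps) {
        char line[512];
        size_t len = strcspn(maps, "\n");

        if (len >= sizeof line)
            return -1;
        memcpy(line, maps, len);
        line[len] = '\0';
        if (len > 0) {
            int r = line_is_wx(line);
            if (r < 0)
                return -1;
            count += r;
        }
        maps += len;
        if (*maps == '\n')
            maps++;
    }
    return count;
}

int main(void)
{
    printf("W+X mappings in sample: %d\n", count_wx(SAMPLE_MAPS));
    return 0;
}
```

In the constructed sample the heap and stack are flagged; a process whose data regions are non-executable would report zero.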

19 of 259 comments

  1. AHA! by FortKnox · · Score: 4, Insightful

    which adds overflow checks to C/C++ code

    Overflow check? But I thought C/C++'ers like the amount of CONTROL that comes from being able to shoot themselves in the foot!

    At least, that's what they tell me when I tell them I program in Java now.
    Guess you'll need to figure a way around these checks, eh? ;-)

    --
    Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
  2. Other alternatives... by ajiva · · Score: 0, Insightful

    There are other alternatives to this:

    Trusted Solaris
    Big IBM Mainframe

    But this is the first that runs on run-of-the-mill x86 hardware, and will provide Linux with the sort of enterprise level of protection that Linux needs to be competitive. This may make MS think about security even more!

  3. compared to other systems by pyros · · Score: 2, Insightful
    I'd like to know how many other UNIX systems implement these kinds of technologies, except OpenBSD. How well do they compare? Again, I'd like to know how many other UNIX systems implement these safeguards, except OpenBSD.

    hint - read the article before responding/modding

  4. trusted for what? by 192939495969798999 · · Score: 3, Insightful

    Where is it implemented that a trustworthy operating system is required? There should be a standard for printing the word "trusted" on a software program, so that everyone knows what everyone else is talking about. Companies shouldn't just be able to print "trusted", just like I can't print "low fat" on a hamburger if it's not up to some standard of "low fat".

    --
    stuff |
  5. Re:Eh? by ZenShadow · · Score: 5, Insightful

    Two words: marketing buzzword.

    --
    -- sigs cause cancer.
  6. Re:No Remote... by Jason1729 · · Score: 4, Insightful

    Secure Debian sounds like a good name for it. The first thing I thought of when I read Trusted Debian was that it will be like palladium.

    Jason
    ProfQuotes

  7. A trusted 1.0... by japhar81 · · Score: 4, Insightful

    I'll call an OS trusted after it's been deployed for at least a year with no intrusions.

    How do you call 1.0 of something 'trusted'? Regression testing and looking good on paper is great, but until you can prove that the damn thing works (i.e. make me trust it) it ain't trusted.

    That said, I'm going to grab my copy and play around. We need more security-focused distros. BSD has it right (no remote exploits with a base install), linux needs to do a little catching up in the access control area.

  8. Re:speed? by lithron · · Score: 2, Insightful

    Don't all these "overflow checkers" kill the speed of C(++) apps? I'd like to see some comparisons between the two distributions.

    Speed and security are two completely different objectives. If you are going to use something like Trusted Debian, it's because the security is much more important than the speed. I mean, what good does speed do you after your web site is hacked?

  9. Other distros? by Anonymous Coward · · Score: 3, Insightful

    Shouldn't we be pushing to get this integrated into other linux distros?

    If Redhat, for example, integrated it into RH 10 or Mandrake into 9.2.

  10. Trite bullshit by I+Am+The+Owl · · Score: 4, Insightful
    I can't believe somebody modded you up for that. This doesn't even begin to approach the level of security that the likes of Trusted Solaris and high end IBM software is at. It's just a collection of security fixes and patches. It's not even introduction of an ACL system like TrustedBSD has. It's just a half-assed attempt at a security audit to remove the existing bugs.

    Real security comes by design, not by sticking your thumb in the dike again and again and again.

    --

    --sdem
    1. Re:Trite bullshit by Panoramix · · Score: 3, Insightful
      I can't believe somebody modded you up for that. This doesn't even begin to approach the level of security that the likes of Trusted Solaris and high end IBM software is at.

      Well, I think it's better to see someone starting to walk that path, rather than just sitting there complaining that Linux doesn't even begin to approach the level of security of some other OS.

      It's just a collection of security fixes and patches. It's not even introduction of an ACL system like TrustedBSD [trustedbsd.org] has. It's just a half-assed attempt at a security audit to remove the existing bugs.

      From what I saw, after a cursory look at their page, they are using the RSBAC patch, which allows for quite a lot of security models (it is even extensible, like PAM on steroids, it seems). ACLs are just one of the supported models. The capabilities and resource models look quite useful, and I am very interested in learning more about their "functional control", "privacy" and "role compatibility" models. Also note the "malware scan" model, which scans for viruses and the likes on execution. Also, they state that models can be combined, and, furthermore, it seems that this can be applied to network accesses, not just files, which sounds like something I really, really want.

      (Read the list of models with brief descriptions at their overview page.)

      Note that I'm not familiar with this software (yet), so I can't say if it really is as good as it seems. But it looks very interesting --and a far cry from a "half-assed attempt at a security audit". I intend to try it as soon as I can.

  11. Why copy OpenBSD by mnmn · · Score: 1, Insightful


    I think OpenBSD has been at it with such efforts for a while. Why is FreeBSD shifting its niche, or nudging OpenBSD out of the ring?

    --
    "Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
  12. trusted BSD by bolthole · · Score: 3, Insightful

    I forgot to mention in my original article, that "Trusted BSD" strives to meet the same security standards that Trusted Solaris does.
    "Mandatory Access Controls" and all that fun stuff.

    [www.trustedbsd.org]

    So, "Trusted Debian" is the odd man out.

  13. Trusted Computing. by mindstrm · · Score: 4, Insightful

    All the stuff about buffer overflows, code audits, stack randomization... those are all attempts at plugging security issues.
    None of them really have anything to do with "trusted computing".

    Trusted computing is normally about 2 things: Making sure that nothing has access to anything it's not supposed to, and making sure that there is an audit trail for who did what.

    Example: Normal linux distributed -vs- NT.

    Okay... I hate windows.. but....

    Ever been frustrated because, in windows, if someone sets permissions on a directory they own, and says administrator can't access it... when administrator tries to access it, he gets denied?
    In unix, of course, root just ignores said permissions.. or changes them.
    In NT.. administrator has to first take ownership of the object THEN change the permissions... and administrator can't assign ownership back to the other user (though of course, administrator can grant access to the object).
    Why? So there is a trail of events. Your file was changed? You say you didn't do it? IF administrator did it, it will show in the file permissions.

  14. Re:bad/evil marketing by debian by msimm · · Score: 1, Insightful

    I dunno, seems like a fine name and a nice idea. I wouldn't get so royally worked up about this, save your strength for politics or something. I notice oss people spend a lot of energy complaining, while the developers are doing the work? Yuck.

    --
    Quack, quack.
  15. Re:Halfway measures by ZenShadow · · Score: 3, Insightful

    If you want security, write in Java.

    This kind of naive attitude is why we have so much bloody buggy software. While changing programming languages may reduce a certain class of errors, it will never, ever, ever result in security. It can't. The programming language can't prevent a programmer from being stupid.

    If you want security, you'll actually have to do the one thing that few programmers actually take the time for in this industry: don't take shortcuts. Plan your software, plan your security model, code it carefully, have it peer reviewed (carefully, two or three times), etc...

    Then you'll have a *hope* of security.

    That being said, security in software is all a carefully crafted illusion anyway.

    --
    -- sigs cause cancer.
  16. don't mod this down by Anonymous Coward · · Score: 2, Insightful
    This AC has a very good point... it is all about relativity really. Debian and to a larger extent Linux itself is very insecure and buggy. One only needs to look at the code or the various message boards to see this. However, anyone who has significant experience in actually testing and fixing programs and complete suites on a Windows system (especially NT and 2000 Server) will tell you how Windows is so much worse.

    This is the lesson: assume your OS is insecure and adopt a level of risk acceptance. Don't put all your eggs into one basket unless you really can handle losing them all. Don't ever trust anyone who says they have a "fool proof" or "hacker proof" system or anything to that degree of finality including, "Oh, don't worry... no one will ever break this." If you are running a home server and the worst you have to lose is some of your prized pumpkin pie recipes then I would not worry much at all. If however you store customers' personal information and financial information then yes I would be a bit more concerned.

  17. Profit?!? by Pharmboy · · Score: 2, Insightful

    Two words: marketing buzzword.

    1. Create more secure operating system.
    2. Give it away for free.
    3. ????
    4. PROFIT!

    Ok, I give, wtf _IS_ the third step that would require a marketing buzzword? I guess you can market for bragging rights, but I am guessing it was more of an afterthought than a business plan.

    I bet I can name everyone that has gotten rich on Debian on one hand.............and still have 5 fingers left.

    --
    Tequila: It's not just for breakfast anymore!
  18. Re:Whats in it for me? by vadim_t · · Score: 2, Insightful

    There were exploits in SSH and SSL not very long ago. Who knows if some script kiddie nmap'ped your whole ISP and grepped his/her list for SSH servers to try to get into? Sometimes a bit of paranoia doesn't hurt.