Today, Linux users use sudo/su commands to attribute Linux’s administrative privileges to their programs. These commands always give the whole list of administrative privileges to Linux programs unless there are pre-installed default policies defined by Linux Security Modules (LSM). LSM requires users to inject the needed privileges into the memory of the process and to declare the needed privileges in an LSM policy. This approach can work for users with good knowledge of the syntax of LSM policies. However, adding or editing an existing policy is very time-consuming because LSM requires adding a complete list of traditional permissions and administrative privileges. Therefore, we propose a new Linux module called RootAsRole dedicated to managing administrative privileges. RootAsRole is not proposed to replace LSM but to be used as a complementary module to manage Linux administrative privileges. RootAsRole allows Linux administrators to define a set of roles that contain the administrative privileges and restrict their usage to a set of users/groups and programs. Finally, we conduct an empirical performance study to compare RootAsRole tools with sudo/su commands to show that the overhead added by our module remains acceptable.
The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data. It is based on X.509 Certificates. Our previous research showed that popular Web Browsers exhibit non-standardized behaviour with respect to the certificate validation process [1]. This article extends that work by examining their handling of OCSP Stapling. We also examine several popular HTTPS interception products, including proxies and anti-virus tools, regarding their certificate validation processes. We analyse and compare their behaviour to that described in the relevant standards.
Historically and by default, Linux does not respect the principle of least privilege because it grants all the privileges to administrators to execute their tasks. With the new personal data protection or export control regulations, the principle of least privilege is mandatory and must be applied even for system administrators. The Linux operating system since version 2.2 divides the privileges associated with the superuser into distinct units called capabilities. Linux capabilities allow coarse-grained access control to restricted system features. The "RootAsRole" project is introduced as a solution for delegating administrative tasks while matching the necessary capabilities. However, limitations in user experience and the mapping of Linux capabilities pose significant obstacles. This paper proposes enhancements to achieve a balance between usability and the principle of least privilege, emphasizing the need for precise capability definitions. Future work involves enhancing the RootAsRole access control model and addressing the need for a comprehensive administration access control framework for managing Linux capabilities effectively.