Session
Schedule FOSDEM 2022
Security

Sudo

Watch and control your blind spots
M.security
Peter Czanik
<p>Sudo is used by millions to control and log administrator access to systems, but using only the default configuration, there are plenty of blind spots. Using the latest features in sudo lets you watch some functions that previously were blind spots and you can also control access to them. There were several minor and major changes since the 1.9.0 release that I discussed in my previous FOSDEM talks. Here are the four major new features allowing you see your blind spots:</p> <ul> <li><p>instead of giving full shell access, you can fine-tune the working directory and chroot settings</p></li> <li><p>JSON-formatted logs give you more details on events and are easier to act on</p></li> <li><p>relays in sudo_logsrvd make session recording collection more secure and reliable</p></li> <li><p>you can log and control sub-commands executed by the command that is run through sudo</p></li> </ul>
Previously, there were quite a few situations where you had to give users full shell access through sudo. Typical examples are when you run a command from a given directory, or run commands in a chroot environment. You can now configure the working directory or the chroot directory and give access only to the command the user really needs. Logging is one of the main roles of sudo, to see who did what on the system. Using JSON-formatted log messages gives you even more information about events. Also, structured logs are easier to act on. Setting up alerting for suspicious events is much easier when you have a single parser to configure for any kind of sudo logs. You can collect sudo logs not only by local syslog, but also by using sudo_logsrvd, the same application used to collect session recordings. Speaking of session recordings: instead of using a single central server, you can now have multiple levels of sudo_logsrvd relays between the client and the final destination. This allows session collection even if the central server is unavailable, providing you with additional security. It also makes your network configuration simpler. Finally, you can log sub-commands executed from the command issued through sudo. You can see commands started from a shell. No more unnoticed shell access from text editors. And, best of all: you can also intercept sub-commands.

Additional information

Type maintrack

More sessions

2/6/22
Security
Longjun Luo
M.security
<p>Currently, operating systems have become increasingly complex and thus more sensitive to security problems and performance issues. In some circumstances, developers have to reboot their systems in order to patch security vulnerabilities, fix bugs, and add new features, which will bring unavoidable downtime for running applications. Live-patch is an elegant solution. But, it can only work in 30 percent of circumstances. In our project, we put another solution into practice. We use a ...
2/6/22
Security
HuaxinLu
M.security
<p>Security design is an very important step in the software development. In order to meet the principle of least privilege, developers make rules for applications based on data flow and control flow of processes, such as SELinux and AppArmor. This step can be automated with secPaver. With the permission description of application, secPaver can generate security policy for different security mechanisms. By this way, security design can be simplified, and developers do not need to know many ...
2/6/22
Security
Deepu K Sasidharan
M.security
<p>Security in programming starts from the programming language itself. The majority of CVEs we encounter are due to memory safety issues and I'm here to talk about how a language like Rust is the way forward in avoiding those. Rust is a great programming language. It is a developer favorite and is rapidly gaining a foothold outside of systems programming. It has the potential to become a great general-purpose language with little of the overhead of traditional high-level general-purpose ...
2/6/22
Security
Sebastian Crane
M.security
<p>Software Bill of Materials (SBOMs) have emerged as a powerful tool for guiding supply chain security in modern software development environments. As an 'ingredients list' of files, package dependencies and other artefacts that a piece of software is made up of, Software Bill of Materials are becoming an essential part of modern software development practices.</p> <p>Open source software provides great transparency and can yield rapid vulnerability patching, but this is too often compromised ...
2/6/22
Security
Romuald Vandepoel
M.security
<p>By design, Kubernetes will store secrets encoded in base64 within its etcd resulting in an insecure solution.<br/> While a couple commercial and open-source solutions exist to solve this problem, they all call for a separate set of tools, skills and limitations along with hardstop from CISO and Security Architect. Kubernetes put in place a KMS provider plugin framework and Trousseau leverages it to solve the secret management using standard Kubernetes API secret objects and constructs.</p>
2/6/22
Security
Allon Mureinik
M.security
<p>Eighteen years into my career, I decided to pivot and move from infrastructure-related work to the world of application security. If there’s one thing I’ve learned in the three years of working in application security is that it’s a funny business. Our entire business model is based on pointing out the mistakes of other programmers.</p> <p>In this talk, I want to shoot myself in the foot and share some concepts that could help eliminate a lot of those mistakes, and reduce my job to ...
2/6/22
Security
Bruce Momjian
M.security
<p>Tls/ssl forms the backbone of secure digital communication. This presentation covers the details about the tls protocol and its use of lower-level cryptographic methods. There is also an extensive section about the creation and use of digital certificates for authentication, with examples from web servers and Postgres.</p>