samhain 3.1.0-5ubuntu1 / usr / share / doc / samhain / manual.html / design.html

This file is indexed.

/usr/share/doc/samhain/manual.html/design.html is in samhain 3.1.0-5ubuntu1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>General</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Samhain Host Integrity Monitoring System"
HREF="index.html"><LINK
REL="UP"
TITLE="Security Design"
HREF="security-design.html"><LINK
REL="PREVIOUS"
TITLE="The server"
HREF="server-security.html"><LINK
REL="NEXT"
TITLE="List of options for the ./configure script"
HREF="compilation-options.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
HREF="./docbook.css"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><!--#if expr="! ($HTTP_USER_AGENT = /MSIE/)"--><!--#include virtual="/resources/ssi/header.html"--><!--#endif --><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>The Samhain Host Integrity Monitoring System</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="server-security.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 11. Security Design</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="compilation-options.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="DESIGN"
>11.5. General</A
></H1
><P
>  Obviously, a security application should not open up security holes by 
  itself. Therefore, an inportant aspect in the 
  development of <SPAN
CLASS="APPLICATION"
>samhain</SPAN
> 
  has been the security of the program itself. 
  While <SPAN
CLASS="APPLICATION"
>samhain</SPAN
> comes
  with no warranty (see the license), much effort has been invested
  to identify security problems and avoid them. </P
><P
>  As the client requires root privileges, while the server does not,
  the clients has no open socket to listen on the network. Consequently,
  all client/server connections are initiated by the client.</P
><P
>  To avoid buffer overflows, only secure string handling functions are 
  used to limit the amount of data copied into a buffer to the size 
  of the respective buffer (unless it is known in advance that 
  the data will fit into the buffer).</P
><P
>  On startup, the timezone is saved, and all environment variables are
  set to zero thereafter. Signal handlers, timers, and file creation mask 
  are reset, and the core dump size is set to zero. If started as daemon,
  all file descriptors are closed, and the first three streams are 
  opened to <TT
CLASS="FILENAME"
>/dev/null</TT
>. </P
><P
>  If external programs are used (in the entropy gatherer, 
  if <TT
CLASS="FILENAME"
>/dev/random</TT
>
  is not available), they
  are invoked directly (without using the shell), with the full path,
  and with a limited environment (by default only the timezone). Privileged
  credentials are dropped before calling the external program.</P
><P
>  With respect to its own files (configuration, database, the log file, and
  its lock), on access <SPAN
CLASS="APPLICATION"
>samhain</SPAN
> checks 
  the complete path for write access
  by untrusted users. Some care has been taken to avoid race 
  conditions on file access as far as possible.</P
><P
>  Critical information, including session keys and data read from files
  for computing checksums, is kept in memory for which paging is disabled
  (if the operating system supports this). This way it is avoided that
  such information is transfered to a persistent swap store medium, 
  where it might be accessible to unauthorized users.</P
><P
>  Random numbers are generated from a pseudo-random number generator (PRNG)
  with a period of 2^88 (actually by mixing the output from three
  instances of the PRNG). The internal state of the PRNG is seeded from
  a strong entropy source (if available, 
  <TT
CLASS="FILENAME"
>/dev/random</TT
> is used, else
  lots of system statistics is pooled and mixed with a hash function).
  The PRNG is re-seeded from the entropy source at regular intervals
  (one hour).</P
><P
>  Numbers generated from a PRNG can be predicted, if the internal state
  of the PRNG can be inferred. To avoid this, the internal state of the 
  PRNG is hidden by hashing the output with a hash function.</P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="server-security.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="compilation-options.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>The server</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="security-design.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>List of options for the ./configure script</TD
></TR
></TABLE
></DIV
><!--#if expr="! ($HTTP_USER_AGENT = /MSIE/)"--><!--#include virtual="/resources/ssi/footer.html"--><!--#endif --></BODY
></HTML
>

APT Browse - Built by Thomas Orozco.