Linux Today: Linux News On Internet Time.

More on LinuxToday

Linux Journal: Medusa DS9 Security System [Review]

Jul 03, 2000, 22:08 (2 Talkback[s])
(Other stories by Robert Dobozy)

"In the Slovak language, ``medusa'' means ``jellyfish''. Like jellyfish, Medusa can sting an enemy with its tentacles. In Greek mythology, Medusa was one of three Gorgons' sisters. Anybody who got a glimpse of her face became petrified. Medusa is a security system which can extend the overall security of your Linux system. Medusa consists of two parts. The first is a set of small patches to the Linux kernel, and the second is a user-space security daemon (authorization server) called Constable. "

"You may ask, ``Why do I need a security system such as Medusa?'' The answer depends on many factors. If you have a machine at home, you'll probably not need it. If you have a well-known and frequently used Internet server, you may have use for it. Why? Because the UNIX security scheme seems to be insufficient nowadays. Yes, it's really simple (like the whole UNIX principle), but it has many limitations. Just to mention two of them: you have no system rights at all as an ordinary user, and all rights to the whole system as root. So, when somebody breaks in using any network daemon, he can do anything he likes inside, e.g., graphics subsystem or low-level disk operations."

"The basic idea behind Medusa is really simple. Before execution of certain operations, the kernel asks the authorization server (Constable) for confirmation. The authorization server then permits, forbids or changes the operation. The authorization server and kernel talk to each other through the special device: /dev/medusa. In this way, an administrator can create his own security model, which can complete or override the original UNIX model. I have told you the principle is simple; however, the actual implementation is a bit complicated."

Complete Story

Related Stories: