SecurityTeam/Roadmap - Ubuntu Wiki

Roadmap

Revision 25 as of 2008-04-29 22:08:13

Clear message

Include(SecurityTeam/Header)

ContentsBR TableOfContents

SELinux Support

The roadmap and progress on providing ["SELinux"] support for Hardy can be found at the ["HardySELinux"] wiki page.

Hardening Wrapper

Intrepid Ibex: enable the [:Security/HardeningWrapper: HardeningWrapper] on all buildd systems so all programs are compiled with it by default.

Documentation

The Security Team [:SecurityTeam/FAQ: FAQ] needs to be written to answer the various questions Ubuntu gets about security.
The Security Team [:SecurityTeam/KnowledgeBase: KnowledgeBase] needs to be written. Many ideas have already been listed there.

Investigations

Several ideas for possible work come from investigating existing the installed set of packages.

[:Security/Investigation/Setuid: setuid]: which programs are setuid and what may be needed to improve them.
Investigate possible unsafe defaults such as : https://help.ubuntu.com/community/UnsafeDefaults
SAK : http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-hardy.git;a=blob;f=Documentation/SAK.txt;hb=HEAD

Wishlist

This area can be used to list ideas for future security work, or link to bugs that describe "Wishlist" issues.

non-exec stack bugs (there are still some programs that have executable stack regions)
- "readelf -l $BIN" shows GNU_STACK with "E".
- Gentoo write-up of what to do: http://www.gentoo.org/proj/en/hardened/gnu-stack.xml
more profiles added to apparmor-profiles
online migration to SHA1-512 for /etc/shadow or other more secure scheme where "123456" as a password can't be cracked using rainbow tables (it can, right now). this should be perfectly feasible for Hardy using a PAM mechanism similar to pam_smbpass.so migrate. possibly needs to look out for conflicts in the medium-term to long-term Ubuntu LDAP directory for users strategy.
hardened default config (Bastille-like). Check the compatibility of debian-bastille
look into chrooted-packages (as in apt-get install apache-chroot). Special attention on virtual hosting, updating and adding packages and modules. Another option would be to develop an apparmor profile and/or selinux policy.
Modify debsecan package to grab CVE reports from USN
Extract useful ["/Grsecurity"] patches for the kernel.
Modify apt-listbugs package to check package CVE's from USN.
Implement more useful SAK that does not kill a running X server/session (Secure Attention Key: http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-hardy.git;a=blob;f=Documentation/SAK.txt;hb=HEAD). The current SAK implementation closes everything that has /dev/console open, including entire tty7 (graphical display), while the Windows implementation is more useful because there is an option to require Ctrl-Alt-Del prior to entering any log on password (initial log on, re-log on after returning from screensaver, etc.).

CategorySecurityTeam