The design and implementation of tripwire: a file system integrity checker
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Malware: Fighting Malicious Code
Malware: Fighting Malicious Code
Towards Protecting Sensitive Files in a Compromised System
SISW '05 Proceedings of the Third IEEE International Security in Storage Workshop
Mastering FreeBSD and OpenBSD Security
Mastering FreeBSD and OpenBSD Security
Fedora Linux
Self-securing storage: protecting data in compromised system
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Storage-based intrusion detection: watching storage activity for suspicious behavior
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Lessons from the Sony CD DRM episode
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Confining root programs with domain and type enforcement (DTE)
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Self-signed executables: restricting replacement of program binaries by malware
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
IEEE Security and Privacy
Proceedings of the 15th ACM conference on Computer and communications security
A look in the mirror: attacks on package managers
Proceedings of the 15th ACM conference on Computer and communications security
A control point for reducing root abuse of file-system privileges
Proceedings of the 17th ACM conference on Computer and communications security
| Hi-index | 0.00 |
We present a new approach for separating configuration privilege from traditional root privilege. We limit this new configuration privilege to a single (new) system daemon, configd. This daemon reads requests for changes in system configuration, either allowing or denying each request based on various criteria (possibly including user input). We do not allow any other application to run with configuration permission, forcing all requests for a change in system configuration to be processed by configd. We discuss the basic functionality required for configd to protect system configuration, and some preliminary improvements to a basic prototype design. We concentrate on only those system configuration changes performed through the modification of a file on disk.