This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.



Re: Need some security advice for systemtap


I think a good way to handle it would be to have a configuration file
like /etc/sudoers and setuid root stap (or staprun). The access control
would then be built into systemtap. 

Here are my ideas of what would make a "good" set of controls:

 - level of tap script they can run, e.g. guru mode code or not
 - sections of the kernel they can access (maybe this is
   better represented as what tapsets may they use)
 - how much overhead are they allowed to put on the system
 - are they allowed to look at data for other users' processes
 - are they allowed to reference line #'s or direct memory addrs

I think that it would probably mean having a list created at compile
time that indicates what things the resulting modules do. staprun would
then create a permissions "mask" for the user and compare it to what is
in the module (yeah, ummm, magic happens here?) or maybe when the module
loads it looks at its internal list and the permissions of the calling
user (passed in by staprun) and decides if it will run or not.

Thanks
Mike
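
The mask comparison sketched in this message, as an added example (not part of the original message and not systemtap's code). It assumes a hypothetical sudoers-like policy text with `user: cap,cap` lines and hypothetical capability names, and covers only the yes/no controls from the list, not tapset selection or overhead limits.

```c
#include <string.h>

/* Hypothetical capability bits, one per yes/no control listed in the message. */
enum { CAP_GURU = 1u << 0,        /* guru mode code */
       CAP_OTHER_USERS = 1u << 1, /* data of other users' processes */
       CAP_RAW_ADDR = 1u << 2 };  /* line numbers or direct memory addresses */
static const struct { const char *name; unsigned bit; } cap_names[] = {
    { "guru", CAP_GURU }, { "other_users", CAP_OTHER_USERS }, { "raw_addr", CAP_RAW_ADDR } };
/* Map one capability name of length n to its bit; 0 means unknown. */
static unsigned cap_bit(const char *s, size_t n) {
    for (size_t i = 0; i < sizeof cap_names / sizeof cap_names[0]; i++)
        if (strlen(cap_names[i].name) == n && !strncmp(cap_names[i].name, s, n))
            return cap_names[i].bit;
    return 0;
}
/* Build the mask for `user` from policy text made of "user: cap,cap" lines.
 * Returns -1 (fail closed) if the user has no entry or a name is unknown. */
static int user_mask(const char *policy, const char *user, unsigned *mask) {
    size_t ulen = strlen(user);
    for (const char *line = policy; line && *line; ) {
        const char *eol = strchr(line, '\n');
        const char *end = eol ? eol : line + strlen(line);
        if ((size_t)(end - line) > ulen && !strncmp(line, user, ulen) && line[ulen] == ':') {
            const char *p = line + ulen + 1;
            for (*mask = 0;;) {
                while (p < end && (*p == ' ' || *p == ',')) p++;
                if (p == end) return 0;            /* whole entry parsed */
                const char *q = p;
                while (q < end && *q != ',' && *q != ' ') q++;
                unsigned bit = cap_bit(p, (size_t)(q - p));
                if (!bit) return -1;               /* typo never widens access */
                *mask |= bit;
                p = q;
            }
        }
        line = eol ? eol + 1 : NULL;
    }
    return -1;
}

/* The staprun-side decision: every bit the module needs must be granted. */
static int may_run(const char *policy, const char *user, unsigned module_needs) {
    unsigned mask = 0;
    return user_mask(policy, user, &mask) == 0 && (module_needs & ~mask) == 0;
}
int main(void) {
    const char *policy = "alice: guru,raw_addr\nbob:\n"; /* constructed sample */
    return may_run(policy, "alice", CAP_GURU) && !may_run(policy, "bob", CAP_GURU) ? 0 : 1;
}
```

Here `module_needs` stands in for the list recorded in the module at compile time; a user without an entry is denied even for a module that needs nothing.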

