Linux Advisory Watch: November 18th 2005
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, advisories were released for awstats, kdelibs, acidlab, AbiWord, uim, ftpd-ssl, phpsysinfo, phpgroupware, lynx, rar, sylpheed, gtk, egroupware, cpio, lm_sensors, and gdk-pixbuf. The distributors include Debian, Gentoo, Mandriva, and Red Hat.



SELinux Administration, Part II
By: Pax Dickinson

Policy booleans are sections of policy that can be switched on or off, providing a basic level of policy configurability at runtime without requiring the recompilation of the entire security policy. For example, you might be running a webmail application on your server that requires the webserver process to be able to connect to your mail server ports and read mail files out of users' home directories. Rather than adding those permissions to the security policy where they would reduce security for those not running webmail, a policy developer would create a boolean that the local administrator could enable only if it is required. This helps maintain a high level of security and follows the principle of least privilege.

To view a list of the policy booleans in your running policy and their current states, use the sestatus command. Among other information, it lists your current enforcing mode, the enforcing mode from the /etc/selinux/config file, and all policy booleans along with whether they are active or inactive.

You can view the current status of a single boolean by passing its name to the getsebool command. Booleans are set with the setsebool command: pass it the name of the boolean followed by a 1 or 0 to set the boolean active or inactive, respectively.

Some sample booleans from the EnGarde Secure Linux SELinux policy are httpd_webmail and user_ping. The httpd_webmail boolean is used for the exact situation used as an example above, while the user_ping boolean determines whether or not regular users are able to send ping packets over the network. Booleans can be as simple as a single allow statement, or can enable or disable large swathes of the policy depending on their purpose.
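
As an added example (not part of the original article or of EnGarde's tooling), the shell function below checks running booleans against a least-privilege baseline and prints the setsebool command that would correct each deviation. It assumes getsebool -a prints lines of the form "name --> state"; the baseline format and the sample state are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): compare running SELinux booleans
# against a least-privilege baseline and report drift.
# Assumption: input lines look like "name --> state", the form printed by
# `getsebool -a`; state words on/off and active/inactive are both accepted.

# Map a state word to 1 or 0; unknown words become "?".
norm_state() {
    case "$1" in
        on|active|1)    echo 1 ;;
        off|inactive|0) echo 0 ;;
        *)              echo "?" ;;
    esac
}

# audit_booleans "BASELINE" < getsebool-output
# BASELINE is text with one "name value" pair per line (value 1 or 0).
# Prints one finding per line; returns 1 if anything differs, else 0.
audit_booleans() {
    baseline=$1
    current=$(cat)                      # read the live state from stdin once
    drift=0
    while read -r name want; do
        [ -n "$name" ] || continue
        word=$(printf '%s\n' "$current" |
               awk -v n="$name" '$1 == n { print $3; exit }')
        if [ -z "$word" ]; then
            echo "MISSING $name"; drift=1; continue
        fi
        have=$(norm_state "$word")
        if [ "$have" != "$want" ]; then
            echo "DRIFT $name have=$have want=$want fix: setsebool $name $want"
            drift=1
        fi
    done <<EOF
$baseline
EOF
    return "$drift"
}

# Constructed sample data: webmail is not deployed on this host, so both
# booleans named in the article should be inactive.
SAMPLE_STATE='httpd_webmail --> active
user_ping --> inactive'
SAMPLE_BASELINE='httpd_webmail 0
user_ping 0'

printf '%s\n' "$SAMPLE_STATE" | audit_booleans "$SAMPLE_BASELINE" || true
```

On a live system the same function can be fed directly: getsebool -a | audit_booleans "$SAMPLE_BASELINE".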

Our SELinux journey is almost done. Next time, we'll discuss policy development basics and see how we can troubleshoot policy denials and write new SELinux policy or modify existing policy to allow our SELinux system to get its jobs done while maintaining a high level of security. Until then, farewell and remember to stay secure.

Read Entire Article:
http://www.linuxsecurity.com/content/view/120700/49/


LinuxSecurity.com Feature Extras:

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


   Debian
  Debian: New awstats packages fix arbitrary command execution
  10th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120778
 
  Debian: New kdelibs packages fix backup file information leak
  10th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120779
 
  Debian: New acidlab packages fix SQL injection
  14th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120802
 
  Debian: New AbiWord packages fix arbitrary code execution
  14th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120807
 
  Debian: New uim packages fix privilege escalation
  14th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120808
 
  Debian: New ftpd-ssl packages fix arbitrary code execution
  15th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120809
 
  Debian: New phpsysinfo packages fix several vulnerabilities
  15th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120810
 
  Debian: New phpgroupware packages fix several vulnerabilities
  17th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120833
 
   Gentoo
  Gentoo: PHP Multiple vulnerabilities
  13th, November, 2005

PHP suffers from multiple issues, resulting in security functions bypass, local Denial of service, cross-site scripting or PHP variables overwrite.

http://www.linuxsecurity.com/content/view/120797
 
  Gentoo: Lynx Arbitrary command execution
  13th, November, 2005

Lynx is vulnerable to an issue which allows the remote execution of arbitrary commands.

http://www.linuxsecurity.com/content/view/120798
 
  Gentoo: RAR Format string and buffer overflow vulnerabilities
  13th, November, 2005

RAR contains a format string error and a buffer overflow vulnerability that may be used to execute arbitrary code.

http://www.linuxsecurity.com/content/view/120799
 
  Gentoo: linux-ftpd-ssl Remote buffer overflow
  13th, November, 2005

A buffer overflow vulnerability has been found, allowing a remote attacker to execute arbitrary code with escalated privileges on the local system.

http://www.linuxsecurity.com/content/view/120800
 
  Gentoo: Scorched 3D Multiple vulnerabilities
  15th, November, 2005

Multiple vulnerabilities in Scorched 3D allow a remote attacker to deny service or execute arbitrary code on game servers.

http://www.linuxsecurity.com/content/view/120814
 
  Gentoo: Sylpheed, Sylpheed-Claws Buffer overflow in LDIF
  15th, November, 2005

Sylpheed and Sylpheed-Claws contain a buffer overflow vulnerability which may lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120815
 
  Gentoo: GTK+ 2, GdkPixbuf Multiple XPM decoding vulnerabilities
  16th, November, 2005

The GdkPixbuf library, which is also included in GTK+ 2, contains vulnerabilities that could lead to a Denial of Service or the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120827
 
   Mandriva
  Mandriva: Updated lynx packages fix critical vulnerability
  12th, November, 2005

An arbitrary command execution vulnerability was discovered in the lynx "lynxcgi:" URI handler. An attacker could create a web page that redirects to a malicious URL which could then execute arbitrary code as the user running lynx. The updated packages have been patched to address this issue.

http://www.linuxsecurity.com/content/view/120796
 
  Mandriva: Updated egroupware packages to address phpldapadmin, phpsysinfo vulnerabilities
  16th, November, 2005

The updated packages have new versions of these subsystems to correct these issues.

http://www.linuxsecurity.com/content/view/120829
 
  Mandriva: Updated php packages fix multiple vulnerabilities
  17th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120832
 
  Mandriva: Updated autofs packages fix problem with LDAP
  16th, November, 2005

A problem with how autofs was linked with the LDAP libraries would cause autofs to segfault on startup. The updated package has been fixed to correct this problem.

http://www.linuxsecurity.com/content/view/120830
 
  Mandriva: Updated acpid package fixes various bugs
  16th, November, 2005

A number of bugs have been fixed in this new acpid package: Correct an error in the initscript, to look for lm_battery.sh rather than battery.sh.

http://www.linuxsecurity.com/content/view/120831
 
   Red Hat
  RedHat: Critical: lynx security update
  11th, November, 2005

An updated lynx package that corrects a security flaw is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120795
 
  RedHat: Low: cpio security update
  10th, November, 2005

An updated cpio package that fixes multiple issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120785
 
  RedHat: Low: lm_sensors security update
  10th, November, 2005

Updated lm_sensors packages that fix an insecure file issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120786
 
  RedHat: Moderate: php security update
  10th, November, 2005

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120787
 
  RedHat: Moderate: php security update
  10th, November, 2005

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120788
 
  RedHat: Important: gdk-pixbuf security update
  15th, November, 2005

Updated gdk-pixbuf packages that fix several security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120817
 
  RedHat: Important: gtk2 security update
  15th, November, 2005

Updated gtk2 packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120818
 
