Trusted Path Execution for the Linux 2.6 Kernel as a Linux Security Module
Authors: Niki A. Rahimi
Complete Citation
Rahimi, N. A. 2004. Trusted path execution for the linux 2.6 kernel as a linux security module. In Proceedings of the USENIX Annual Technical Conference 2004 on USENIX Annual Technical Conference (Boston, MA, June 27 - July 02, 2004). USENIX Association, Berkeley, CA, 34-34.
Abstract
The prevention of damage caused to a system via malicious executables is a significant issue in the current state of
security on Linux operating systems. Several approaches are available to solve such a problem at the application
level of a system but very few are actually implemented into the kernel. The Linux Security Module project was
aimed at applying security to the Linux kernel without imposing on the system. It performs this task by creating
modules that could be loaded and unloaded onto the system on the fly and according to how the administrator
would like to lock down their system. The Trusted Path Execution (TPE) project was ported to the Linux kernel as
a Linux Security Module (LSM) to create a barrier against such security issues from occurring. This paper will attempt
to explain how Trusted Path Execution is implemented in the Linux kernel as an LSM. It will also describe
how TPE can prevent the running of malicious code on a Linux system via a strategically placed hook in the kernel.
The usage of a pseudo-filesystem approach to creating an access control list for users on the system will also be
discussed. The paper will further explain how TPE is designed and implemented in the kernel. This paper will
show how the access control list is utilized by the module to place checks on the execution of code on the system
along with a check of the path the code is being run in. Further, the origins of the “Trusted Path” concept and its
origination in the OpenBSD operating system will be discussed along with how TPE was introduced to the Linux
security community. The paper will conclude with a synopsis of the contents and future paths and goals of the
project.
Annotations
A trusted path, in the TPE sense, is one where the parent directory of a file is owned by root and is neither group- nor other-writable
Trusted user access control list
tpefs = pseudo file system TPE uses to manage user ACLs
-- AndrewBlaich - 07 Nov 2007