Linux XServer Security

Yes. No.

 

Windows integrity levels are a good idea, but poorly implemented right now since they don't allow any configuration by the user. You can achieve similar things with SELinux, with it being much more configurable. Of course, Windows based their integrity levels on the Biba model, while most Linux MAC's are based on Bell-La Padula.

 

Say what?

 

Google them. They are basically models of access controls developed in the 70's for the government. Most MAC systems follow the concept behind one or the other.

 

No, it's a pain in the behind. Disregard what I said, I was RDFed or something. Basically that's nonsense. There is No Such Thing TM

 

What happened?

 

I did some more reading and research.

It's not nearly as powerful as I first thought, it has some fundamental limitations like every other MAC system. And it's way to complicated and buggy (at least the frontends and stuff like that) to be of any practical use - for a Desktop system.
Then there's the political aspect of it, besides the DoD involvement, how LSM got rushed into the kernel and SELinux was touted as the one and and only access control system for Linux.

I really nearly thought it could be "THE" answer to security, but of course that does not exist. It's just a tool, one of many, that helps to some degrees. Because Security is always a process, there's no "solution".

 

Has anybody tried Grsecurity? According to this site which compares SELinux, AppArmor and Grsecurity, the latter is relatively user-friendly. On the other hand, Grsecurity inludes PaX and that needs a patched kernel - I'm not willing to do that (apart from that I don't think it's necessary - I'm just asking out of interest). There are patched kernels available for Debian/Ubuntu but I would never use a 3rd party kernel .

 

Those grsec debs aren't updated often and early enough to be usable imho.

The deal breaker for me is this however:
http://bugs.gentoo.org/show_bug.cgi?id=278698
Firefox 3.5.2 and up needs both MPROTECT and RANDMMAP disabled to work at all. That renders PaX next to useless for the software I'd need it most.

Besides PaX grsec has a number of other features, chroot hardening and RBAC mainly. The former I don't need, the latter I've already covered with Apparmor which is dead simple and good enough for me.

If you want a somewhat supported grsec system PaX Team recommends running Gentoo hardened... They say that's the easiest way because of userland support. And I think they are right, for running your custom patched kernel gentoo is indeed one of the best and easiest platforms. Therefore I'd take "user-friendly" with a grain of salt

And finally there's something not so much based on hard facts and objectivity.
"PaXTeam" is anonymous. Like with Truecrypt this leaves me with some unease and questions about their intentions and agenda. Pretty stupid, I know but thought I'd mention that as well.
Linus doesn't accept anonymous contributions at all and grsec isn't interested in merging. In the past there've already been some doubts about the future of the project when they lost a sponsor iirc.

 

They are legit. They practically invented ASLR (which Microsoft and others later copied). I don't much care if devs are anonymous as long as their work is open-source and speaks for itself. The Truecrypt team is also anonymous, btw.

 

What reason do they givve for their anonymity?

 

@katio: Thanks! The description on the Gentoo homepage doesn't sound very inviting but I might try it in Virtualbox just for fun