Date:	Fri, 31 Dec 1999 12:54:08 +0200
To: lwn@lwn.net
From:	Serge Lozovsky 
Subject: article suggestion. New linux security software.

Hi,

There is new software to protect Linux hosts.

VXE (Virtual eXecuting Environment) protects UNIX servers from
intruders, hacker attacks from the network and so on. It protects software
subsystems, such as SMTP, POP, HTTP and any other subsystem
already installed on the server. There is no need to change the configuration
of existing software - just PROTECT it.

http://www.intes.odessa.ua/vxe

The article follows. Or you can get the text from the Overview page of VXE.

Best regards, Serge. 

------------------------------------------------------


VXE - Virtual eXecuting Environment 

The main problem with UNIX security is that the superuser can do anything he
wants with the system. There are programs (daemons), for example popd and
sendmail, which run with superuser privileges and are accessible from the
network (Internet/Intranet). Any program can contain bugs, so an intruder
connects to such a program via the network, exploits an existing bug in it and
gets control over the whole host.

VXE (Virtual eXecuting Environment) protects UNIX servers from such intruders,
hacker attacks from the network and so on. It protects software subsystems,
such as SMTP, POP, HTTP and any other subsystem already installed on the
server. There is no need to change the configuration of existing software -
just PROTECT it.

So VXE solves the following problem: it protects the host and the particular
subsystems which run as superuser and can have bugs. This is the situation we
have in real life.

When a program runs in superuser mode, it can access all resources of the
operating system (OS). VXE creates a virtual environment for each subsystem.
In such an environment, only the resources needed for normal work are visible
and available to the subsystem. A subsystem here is the startup program and
all subprocesses initiated (forked) by it. Any subprocess runs in the same VXE
as its parent. To affect any system resource, a program uses OS system calls
(syscalls). VXE has means to describe which system calls, with which
parameters, are available to each subsystem. For example, it can be described
(for file operation syscalls) that some files are readable and some
executable, and that network operations are unavailable (a POP server handles
its network connection but doesn't make new ones), and these restrictions
can't be broken even by a program with superuser privileges.

These restrictions can be as smart as needed. If an intruder gets control over
such a subsystem, he can't use ordinary methods to sniff information or affect
the system. All he can do in theory, using sophisticated methods, is to affect
the work of the hacked subsystem, but not the OS itself, nor other subsystems.
Ordinary methods here are those where the intruder gets superuser privileges
and runs a command interpreter (shell) and ordinary utilities, such as a text
editor, a copy utility and so on. He can't do anything without such utilities.
For example, a POP server doesn't need a text editor or a copy utility for its
work, so there are no such programs in the VXE environment created for POPD
protection.
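
The model described above, as an added illustration that is not VXE's code or its policy syntax: a per-subsystem description of permitted syscalls and parameters, inherited across fork and enforced regardless of uid. The `Policy` fields, the `check` function and all paths are hypothetical.

```python
import posixpath
from dataclasses import dataclass
from fnmatch import fnmatchcase

@dataclass(frozen=True)
class Policy:                      # one environment description per subsystem
    readable: tuple = ()           # glob patterns that may be opened for reading
    writable: tuple = ()           # glob patterns that may be opened for writing
    executable: tuple = ()         # programs that may be exec'd
    allow_connect: bool = False    # may it open NEW outbound connections?

@dataclass
class Process:
    pid: int
    uid: int
    policy: Policy

    def fork(self, pid):
        # A forked subprocess runs in the same environment as its parent.
        return Process(pid, self.uid, self.policy)

def _allowed(path, patterns):
    # Normalise first so "dir/../../etc/shadow" cannot slip past a "dir/*" glob.
    # (A real enforcement point would also have to resolve symlinks.)
    path = posixpath.normpath(path)
    return any(fnmatchcase(path, p) for p in patterns)

def check(proc, syscall, arg=None, mode="r"):
    """Return True if permitted. proc.uid is never consulted: uid 0 gets no bypass."""
    pol = proc.policy
    if syscall == "open":
        return _allowed(arg, pol.writable if mode == "w" else pol.readable)
    if syscall == "execve":
        return _allowed(arg, pol.executable)
    if syscall == "connect":
        return pol.allow_connect
    if syscall in ("accept", "read", "write", "fork", "exit"):
        return True                # enough to serve an accepted connection
    return False                   # anything not described is denied

# Constructed policy for a POP daemon; every path here is made up for the example.
POP_POLICY = Policy(
    readable=("/etc/passwd", "/var/spool/mail/*"),
    writable=("/var/spool/mail/*",),
    executable=("/usr/sbin/popd",),
)
```
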