Release status update (or, Hoary and you)

Martin Pitt martin.pitt at ubuntu.com
Mon Mar 7 07:45:32 CST 2005 

Hi!

Sivan Green [2005-03-06 10:23 +0100]:
> On 10:00, Fri 04 Mar 05, Martin Pitt wrote:
> > I had a short talk with Mark, can we please also mention our brilliant
> > default security? No open ports, and many processes that usually run
> > as root don't in Ubuntu? AFAICS wrt to the latter item we are pretty
> > far ahead of other Linux distros, so it might be good to point this
> > out.
> 
> Martin, I think this is a very important thing to mention
> and to even emphasize, I think you're probably best to do a
> small brief listish summary, and then someone from the doc
> team would follow and expand to a complete overview.

Not a text appropriate for the announcement, but a more in-depth
explanation:

When we started with Ubuntu, a lot of daemons ran as "root" and a lot
of programs were installed setuid root. This means that every security
bug in these could potentially be exploited to compromise the system
without any limit.

Since then I evaluated many of these root processes and minimized
their privileges to the absolutely required one. As a result, many
setuid root programs are now only setgid to a particular
application-specific group, and many processes now run as a dedicated
normal user (with some additional kernel capabilities in some cases).
This confines the potential impact of vulnerabilities to the process
itself, they cannot affect any other processes any more.

In short, this greatly helps to improve proactive security.

Already derooted apps:

klogd 
syslogd 
cupsd 
hald 
ntpd 
procmail 
smbmount/smbumount 
jackd 
login 
gpg/gnupg 
hpoj
at

We have some further targets (the harder ones :-) ), maybe we can make
further progress in Hoary+1.

Martin

-- 
Martin Pitt                       http://www.piware.de
Ubuntu Developer            http://www.ubuntulinux.org
Debian GNU/Linux Developer       http://www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.ubuntu.com/archives/ubuntu-devel/attachments/20050307/567bc599/attachment.pgp

More information about the ubuntu-devel mailing list