Ubuntu Hardened SPEC-20050503 and schedule

Lorenzo Hernández García-Hierro lorenzo at gnu.org
Thu May 26 18:38:48 CDT 2005


On Thu, 26-05-2005 at 15:55 -0700, Matt Zimmerman wrote:
> On Tue, May 24, 2005 at 12:52:57AM +0200, Lorenzo Hernández García-Hierro wrote:
> 
> > The long-awaited rewritten specification for Ubuntu Hardened is now
> > publicly available, in both LaTeX source and PDF formats at:
> > 
> > http://pearls.tuxedo-es.org/ubuntu/ubuntu-hardened-spec-20050503.pdf
> > http://cvs.tuxedo-es.org/cgi-bin/viewcvs.cgi/ubuntu-hardened-spec/
> 
> Thanks for putting this together.  

My pleasure.

> Some comments:
> 
> We currently have SELinux enabled in the kernel configuration, but disabled
> at runtime by default.  You seem to propose enabling SELinux by default,
> which is problematic for obvious reasons.  Is there a rationale for changing
> the approach in this way?

SELinux can be enabled by default but it won't be "virtually enabled"
until a policy is loaded, which implies having such a policy package
installed (i.e. the default would be none if it's still "unstable"; if not,
then the default would be selinux-policy-default, which is a meta-package
provided by selinux-policy-targeted). If there's no policy at all, then
there's nothing to worry about.

selinux=1 in the kernel command line just enables the SELinux
"framework" for policy loading, access control enforcement, etc (checked
on the __init call).

> Does the new dpkg in breezy provide the necessary infrastructure for SELinux
> policies in the packaging system?

As of
http://packages.ubuntu.com/changelogs/pool/main/d/dpkg/dpkg_1.13.4ubuntu1/changelog
it currently doesn't have support for SELinux, but the Ubuntu SELinux
repository has been updated and it can be used as an apt source, as
explained in http://ubuntulinux.org/wiki/SELinux and Andrew Mitchell was
tracking the stuff.

> In places where your spec disagrees with ProactiveSecurityRoadmap (but has
> been agreed upon with the others working on the project),
> ProactiveSecurityRoadmap should be updated, as this is the place with the
> most visibility within the Ubuntu development community.

OK, I will talk to Martin Pitt, Andrew Mitchell and Brandon Hale.
The most important thing is to have an unbiased and accurate (mostly in
technical terms) specification.

> I think it would be simpler and clearer to organize things in the same way
> as our other development projects.  This means that it should have a lead
> and a second who are both coordinating and driving development on the
> project.  For purposes of managing development at the distribution level, it
> should share the same infrastructure and personnel who are already doing
> this for other projects (e.g., JaneW and myself).

OK, I don't know what should be done exactly, and it wouldn't be a good
idea if I propose myself as lead if a voting process is needed, so, I
would need to know "how it works" and be ready to accept the decision of
the majority with power and influence in these terms.

> Are there any other prerequisites which must be met before you are ready to
> begin implementation work?

Well, I have an old testing machine around here but I would like to have
access to ppc and even x86_64 machines. I will try to move things for
getting a more consistent infrastructure. Though, I'll be a bit busy
these next 2 weeks with exams and the like, but I expect it to go
straight forward (*sigh*).

I would like to apply for membership as well, but Martin is the man to
ask.

Many thanks for the feedback.

Cheers,
-- 
Lorenzo Hernández García-Hierro <lorenzo at gnu.org>
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
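
The states discussed in this message (framework off, framework on with no policy loaded, policy loaded) can be told apart on a running system. The script below is an added example, not part of the original e-mail or the Ubuntu Hardened spec; the `selinux_state` function, its optional root-directory argument and its state names are hypothetical, and the "kernel" context test for "no policy loaded" is an assumption noted in the comments.

```shell
#!/bin/sh
# Added example (not from the thread): classify the SELinux state of a host.
# The optional argument is a hypothetical root prefix so the check can run
# against a constructed directory tree; leave it empty for the live system.
selinux_state() {
    root="${1:-}"

    # selinuxfs is only registered when the framework was enabled at boot
    # (built into the kernel and not switched off, e.g. with selinux=0).
    if ! grep -q 'selinuxfs$' "$root/proc/filesystems" 2>/dev/null; then
        echo "disabled"
        return 0
    fi

    # Assumption: with no policy loaded the kernel reports the initial
    # context "kernel" for every task, the signal older libselinux
    # releases relied on. The value may carry a trailing NUL byte.
    ctx=""
    if [ -r "$root/proc/self/attr/current" ]; then
        ctx=$(tr -d '\000\n' < "$root/proc/self/attr/current" || true)
    fi
    if [ -z "$ctx" ] || [ "$ctx" = "kernel" ]; then
        echo "framework-only"    # selinux=1, but nothing is enforced yet
        return 0
    fi

    # Policy loaded: the enforce flag separates the two live modes.
    # /selinux is the legacy mount point, /sys/fs/selinux the current one.
    for mnt in "$root/sys/fs/selinux" "$root/selinux"; do
        if [ -r "$mnt/enforce" ]; then
            if [ "$(cat "$mnt/enforce")" = "1" ]; then
                echo "enforcing"
            else
                echo "permissive"
            fi
            return 0
        fi
    done
    echo "policy-loaded-mode-unknown"    # selinuxfs not mounted where expected
}

# Report the live system, or the tree given as the first script argument.
selinux_state "${1:-}"
```

A result of `framework-only` corresponds to the case described above where `selinux=1` is set but no policy package is installed.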



More information about the ubuntu-devel mailing list