Matrix security section
From Linux NFS
(Difference between revisions)
(→Security feature testing) |
Chucklever (Talk | contribs) m (Reverted edits by UvrPe3 (Talk); changed back to last version by BryceHarrington) |
||
(3 intermediate revisions not shown) | |||
Line 91: | Line 91: | ||
|Run Sparse as regression test periodically | |Run Sparse as regression test periodically | ||
| | | | ||
- | |''' | + | |'''In Progress''' |
|OSDL | |OSDL | ||
- | | | + | |Data is reported for CITI kernels; need to understand how to analyze it |
|} | |} | ||
Line 221: | Line 221: | ||
|} | |} | ||
- | == Attack and penetration security review == | + | ==[[Security_Attack_Penetration|Attack and penetration security review]]== |
{|border="1" width="100%" cellpadding="1" cellspacing="0" style="font-size: 85%; border: gray solid 1px; border-collapse: collapse; text-align: center; width: 100% | {|border="1" width="100%" cellpadding="1" cellspacing="0" style="font-size: 85%; border: gray solid 1px; border-collapse: collapse; text-align: center; width: 100% | ||
!style="background: #ececec;"|'''ID | !style="background: #ececec;"|'''ID | ||
Line 255: | Line 255: | ||
|Bull planning on creating a list of issues in 2005 | |Bull planning on creating a list of issues in 2005 | ||
|} | |} | ||
- | |||
== Cross realm == | == Cross realm == |
Latest revision as of 02:21, 19 August 2007
Contents |
Code Audit
ID | test | tool test | status | owner | notes |
---|---|---|---|---|---|
V.A.1 | Audit the NFSv4 server code | New | |||
V.A.2 | Audit the NFSv4 client code | New | |||
V.A.3 | Audit the rpcbind / portmap code | New | |||
V.A.4 | Audit the krb5 code | DONE | Assuming MIT krb5 libs are already reviewed | ||
V.A.5 | Audit the idmapd code | New | |||
V.A.6 | Audit the mountd | New | |||
V.A.7 | Audit the RPC authentication code (gssd, authsys, etc.) | New |
Security regression testing
ID | test | tool test | status | owner | notes |
---|---|---|---|---|---|
V.B.1 | Run Stanford/Coverity Checker periodically | New | |||
V.B.2 | Run SMATCH as regression test periodically | New | |||
V.B.3 | Run FlawFinder as regression test periodically | New | |||
V.B.4 | Run Sparse as regression test periodically | In Progress | OSDL | Data is reported for CITI kernels; need to understand how to analyze it |
Administration tools
ID | test | tool test | status | owner | notes |
---|---|---|---|---|---|
V.C.1 | Verify that only administrative users can access admin tools and config files | New | Perhaps run this in a test suite |
Security features design review
ID | test | tool test | status | owner | notes |
---|---|---|---|---|---|
V.D.1 | Review Authentication/ACL feature design | New | U Mich has done some NFS2/3 ACL testing 10/04 | ||
V.D.2 | Review each security flavor feature design Krb5 | New | |||
V.D.3 | Review security negotiation feature design | New | Still needs some implementation work | ||
V.D.4 | Review named attributes feature design | New | Still needs some implementation work | ||
V.D.5 | Review supporting advanced security flavors on the callback channel design | New | Still needs some implementation work | ||
V.D.6 | Penetration testing for client callback implementation | New |
Security feature testing
ID | test | tool test | status | owner | notes |
---|---|---|---|---|---|
V.E.1 | Ensure a functionality test sufficiently tests Authentication/ACL | New | |||
V.E.2 | Ensure a functionality test sufficiently covers each security flavor Krb5 | New | |||
V.E.3 | Ensure a functionality test sufficiently covers security negotiation | New | |||
V.E.4 | Ensure a functionality test sufficiently covers named attributes | New | |||
V.E.5 | Ensure a functionality test sufficiently covers advanced security flavors on callback channel | New | |||
V.E.6 | Ensure a functionality test sufficiently covers penetration testing for client callback implementation | New |
Attack and penetration security review
ID | test | tool test | status | owner | notes |
---|---|---|---|---|---|
V.F.1 | Identify security issues assuming attack from client-side | Open | Bull | Bull planning on creating a list of issues in 2005
NFSv4 client Denial of service Userland daemons Mount and other nfs utils | |
V.F.2 | Identify security issues assuming attack from server-side | Open | Bull | Bull planning on creating a list of issues in 2005 | |
V.F.3 | Identify security/privacy issues assuming listening by an active or passive third party | Open' | Bull | Bull planning on creating a list of issues in 2005 |
Cross realm
ID | test | tool test | status | owner | notes |
---|---|---|---|---|---|
V.G.1 | Two v4 domains; kerberos, ACLs in one realm; file system in another | New | Still experimental |
Documentation for testing/auditing
ID | test | tool test | status | owner | notes |
---|---|---|---|---|---|
V.H.1 | Ensure there is high level design documentation of NFSv4 security Start with Bruce's paper | New | |||
V.H.2 | Ensure there is inline documentation for security related code in kernel | New | |||
V.H.3 | Ensure there is inline documentation for GSS API (libgssapi, librpcsecgss) | New | |||
V.H.4 | Ensure there is inline documentation for nfsv4 libraries | New |
Security use case
ID | test | tool test | status | owner | notes |
---|---|---|---|---|---|
V.I.1 | Verify proper functionality/security correctness of NFSv4 in a VPN environment | New | Venkat will write use case |