Chromium Code Reviews

Side by Side Diff: docs/system_hardening_features.md

Issue 2545363002: Use HTTPS links for Google domains in docs (Closed)
Patch Set: Modify two more files in subdirectories Created 4 years ago
OLDNEW
1 # Introduction 1 # Introduction
2 2
3 This is a list of current and planned Chrome OS security features. Each feature is listed together with its rationale and status. This should serve as a checkli st and status update on Chrome OS security. 3 This is a list of current and planned Chrome OS security features. Each feature is listed together with its rationale and status. This should serve as a checkli st and status update on Chrome OS security.
4 4
5 5
6 6
7 # Details 7 # Details
8 8
9 ## General Linux features 9 ## General Linux features
10 10
(...skipping 39 matching lines...)
50 | disable ACPI custom\_method | needs config and functional test | Frustrate ker nel exploits that depend on root access to physical memory | | Issue 2 3759 (on Google Code) | 50 | disable ACPI custom\_method | needs config and functional test | Frustrate ker nel exploits that depend on root access to physical memory | | Issue 2 3759 (on Google Code) |
51 | unreadable kernel files | needs config and functional test | Frustrate automat ed kernel exploits that depend access to various kernel resources | | Issue 23761 (on Google Code) | 51 | unreadable kernel files | needs config and functional test | Frustrate automat ed kernel exploits that depend access to various kernel resources | | Issue 23761 (on Google Code) |
52 | blacklist rare network modules | needs functional test | Reduce attack surface of available kernel interfaces. | 52 | blacklist rare network modules | needs functional test | Reduce attack surface of available kernel interfaces. |
53 | syscall filtering | needs functional testing | Reduce attack surface of availa ble kernel interfaces. | | Issue 23150 (on Google Code) | 53 | syscall filtering | needs functional testing | Reduce attack surface of availa ble kernel interfaces. | | Issue 23150 (on Google Code) |
54 | vsyscall ASLR | medium priority | Reduce ROP target surface. | 54 | vsyscall ASLR | medium priority | Reduce ROP target surface. |
55 | Limited use of suid binaries | implemented | Potentially dangerous, so minimiz e use. | [security\_SuidBinaries](http://git.chromium.org/gitweb/?p=chromiumos/t hird_party/autotest.git;a=tree;f=client/site_tests/security_SuidBinaries) | 55 | Limited use of suid binaries | implemented | Potentially dangerous, so minimiz e use. | [security\_SuidBinaries](http://git.chromium.org/gitweb/?p=chromiumos/t hird_party/autotest.git;a=tree;f=client/site_tests/security_SuidBinaries) |
56 56
57 ## Chrome OS specific features 57 ## Chrome OS specific features
58 58
59 * We use `minijail` for sandboxing: 59 * We use `minijail` for sandboxing:
60 * [Design doc](http://www.chromium.org/chromium-os/chromiumos-design-docs/sy stem-hardening#Detailed_Design_73859539098644_6227793370126997) 60 * [Design doc](https://www.chromium.org/chromium-os/chromiumos-design-docs/s ystem-hardening#Detailed_Design_73859539098644_6227793370126997)
61 * Issue 380 (on Google Code) 61 * Issue 380 (on Google Code)
62 * Current sandboxing status: 62 * Current sandboxing status:
63 63
64 | | | | | **Exposure** | | | | | **Privileges** | | **Sandbox** | 64 | | | | | **Exposure** | | | | | **Privileges** | | **Sandbox** |
65 |:-|:-|:-|:-|:-------------|:-|:-|:-|:-|:---------------|:-|:------------| 65 |:-|:-|:-|:-|:-------------|:-|:-|:-|:-|:---------------|:-|:------------|
66 | **Service/daemon** | **Overall status** | **Usage** | **Comments** | **Network traffic** | **User input** | **DBus** | **Hardware (udev)** | **FS (config file s, etc.)** | **Runs as** | **Privileges needed?** | **uid** | **gid** | **Namespaces** | **Caps** | **seccomp\_filters** | 66 | **Service/daemon** | **Overall status** | **Usage** | **Comments** | **Network traffic** | **User input** | **DBus** | **Hardware (udev)** | **FS (config file s, etc.)** | **Runs as** | **Privileges needed?** | **uid** | **gid** | **Namespaces** | **Caps** | **seccomp\_filters** |
67 | udevd | Low pri | Listens to udev events via netfilter socket | | No | No | No | Yes | No | root | Probably | No | No | No | No | No | 67 | udevd | Low pri | Listens to udev events via netfilter socket | | No | No | No | Yes | No | root | Probably | No | No | No | No | No |
68 | session-manager | <font color='yellow'>P2</font>| | Launched from /sbin/sessi on\_manager\_setup.sh | No | No | Yes | No | No | root | Pro bably | No | No | No | No | No | 68 | session-manager | <font color='yellow'>P2</font>| | Launched from /sbin/sessi on\_manager\_setup.sh | No | No | Yes | No | No | root | Pro bably | No | No | No | No | No |
69 | rsyslogd | Low pri | Logging | | No | No | No | No | Yes | root | Probably | No | | No | No | No | 69 | rsyslogd | Low pri | Logging | | No | No | No | No | Yes | root | Probably | No | | No | No | No |
70 | dbus-daemon | Low pri | IPC | Listens on Unix domain socket | Unix domain sock et | | Yes | | | messagebus | Yes | Yes | Yes | No | No | No | 70 | dbus-daemon | Low pri | IPC | Listens on Unix domain socket | Unix domain sock et | | Yes | | | messagebus | Yes | Yes | Yes | No | No | No |
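Review bot: line 55 still points security_SuidBinaries at an http://git.chromium.org/gitweb/ URL, while line 60 in the same hunk is switched to https://www.chromium.org. If the change is meant to cover the project's own hosts, convert this link too (after checking that the target resolves over HTTPS), or state in the description why git.chromium.org is left out. This link leads to the test backing the "Limited use of suid binaries" row, so it is worth serving over an authenticated channel.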
(...skipping 27 matching lines...)
98 | | | | | **Exposure** | | | | | **Privileges** | | **Sandbox** | 98 | | | | | **Exposure** | | | | | **Privileges** | | **Sandbox** |
99 99
100 Enforced by [security\_SandboxedServices](http://git.chromium.org/gitweb/?p=chro miumos/third_party/autotest.git;a=tree;f=client/site_tests/security_SandboxedSer vices) 100 Enforced by [security\_SandboxedServices](http://git.chromium.org/gitweb/?p=chro miumos/third_party/autotest.git;a=tree;f=client/site_tests/security_SandboxedSer vices)
101 101
102 # References 102 # References
103 103
104 * https://wiki.ubuntu.com/Security/Features 104 * https://wiki.ubuntu.com/Security/Features
105 * http://wiki.debian.org/Hardening 105 * http://wiki.debian.org/Hardening
106 * http://www.gentoo.org/proj/en/hardened/hardened-toolchain.xml 106 * http://www.gentoo.org/proj/en/hardened/hardened-toolchain.xml
107 * http://www.awe.com/mark/blog/20101130.html 107 * http://www.awe.com/mark/blog/20101130.html
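Review bot: line 100 keeps the http://git.chromium.org/gitweb/ URL for security_SandboxedServices, the test cited as enforcing the sandboxing table, and no line in this hunk is changed. Either move that link to HTTPS along with the chromium.org design-doc link, or note why it is excluded. The reference links on lines 105 to 107 are third-party hosts and fall outside the stated scope of Google domains, so leaving them as they are is consistent with the issue title.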