[tor-relays] Towards a Tor Node Best Best Practices Document

Kasimir Gabert kasimir.g at gmail.com
Tue May 1 20:25:33 UTC 2012


On Sun, Apr 29, 2012 at 1:59 PM, Mike Perry <mikeperry at torproject.org> wrote:
>
[snipped]
>
> After reading a few mailinglist archives about kernel.modules_disabled,
> it looks like there is a contingent of kernel developers who are arguing
> for "layered security" over "perfect security", and they are working to
> enumerate and close holes that elevate root directly to ring0. Even if
> the LKML people occasionally refuse to take their patches for old
> unixbeard dogmatic reasons, it looks like they are still being picked up
> by RHEL/CentOS and Ubuntu.
>
> But, this reminds me that I might need to add a "Auditing
> Recommendations" section to the APT.  Technically, the truly paranoid
> should also keep pristine copies of their initrd, kernel, modules, and
> init itself, and veryify/replace them in the event of sketchy activity.
> But the question of how to actually verify/replace these files while
> using an untrusted kernel is another matter..  A few ways come to mind,
> but if we specify just One True Way, obviously custom rootkits could
> still be written to cloak against it...

What do you feel about promoting grsec?

>
[snipped]
>
>
> --
> Mike Perry
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>

Thanks,
Kasimir


--
Kasimir Gabert


More information about the tor-relays mailing list