Security Ideas for Solaris University Challenge Contest
By chandan on Dec 16, 2005
Here are some security ideas that come to mind as suggestions for the Solaris 10 University Challenge Contest.
- Come up with an exploit prevention mechanism, maybe using DTrace. For example, assume a new security vulnerability is discovered in Apache. Before patches are available for Apache, your mechanism would prevent Apache from being exploited if there is an attempted exploit. You may use some "Process Destructive Actions" in DTrace, or you may do something more innovative and less harmful.
- Write a modern fuzz for OpenSolaris that may parse SGML man pages and automatically figure out command line args and environment variables, or use DTrace to find these dynamically. It could also fuzz library calls and system calls. It could do many more tests, like giving large arguments, large environments, and large and random files as input. Whether you win the university challenge or not, you will certainly be a hero in the eyes of the security community. You would also get a totally worthless but sincere acknowledgment in our Security Sun Alerts.
- Use the concepts of LiveSystem to visualize security roles, profiles(1), auths(1), user_attr(4), privileges(5) and other security features in Solaris 10. This configuration is currently spread over multiple files, and it is difficult to get the big picture.
- Create a "system integrity verification OpenSolaris liveCD" that boots from a CD, detects any Solaris 10 instances on the hard disk, verifies the Solaris ELF signatures of system binaries using elfsign(1) verify, and reports a summary if it finds anything tampered with. This could be useful if you suspect your system was compromised.
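
The visualization idea above first needs the scattered RBAC configuration merged into one view. As an added example (not code from the original post), this Python script parses user_attr(4) and prof_attr(4) entries and resolves the authorizations each user can reach directly, through nested profiles, and through roles the user may assume. The sample entries are constructed and the function names are assumptions of this example.

```python
from collections import defaultdict

# Constructed sample entries in user_attr(4) / prof_attr(4) format (not from a real system).
USER_ATTR = """\
# user:qualifier:res1:res2:attr
root::::type=normal;auths=solaris.*;profiles=All
webadm::::type=role;profiles=Web Admin
alice::::type=normal;roles=webadm;profiles=Basic Solaris User
"""
PROF_ATTR = """\
# profname:res1:res2:desc:attr
Web Admin:::Manage the web server:auths=solaris.smf.manage.http;profiles=Log Reader
Log Reader:::Read system logs:auths=solaris.admin.logsvc.read
Basic Solaris User:::Default profile:auths=solaris.profmgr.read
All:::Execute any command:
"""

def parse_attrs(field):
    """Split 'k=v;k=v' into {k: [v, ...]}; each value is a comma-separated list."""
    out = defaultdict(list)
    for pair in filter(None, field.split(";")):
        key, _, val = pair.partition("=")
        out[key.strip()] += [v.strip() for v in val.split(",") if v.strip()]
    return out

def load(text):
    """Map the first field of each entry to its parsed attr field (fifth field)."""
    db = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            fields = line.split(":")
            db[fields[0]] = parse_attrs(fields[4] if len(fields) > 4 else "")
    return db

def effective_auths(name, users, profs, via_roles=True):
    """Auths reachable by a user: direct, via nested profiles, via assumable roles."""
    entry = users.get(name, {})
    auths, seen, stack = set(entry.get("auths", [])), set(), list(entry.get("profiles", []))
    while stack:  # walk nested profiles, guarding against cycles
        p = stack.pop()
        if p in seen:
            continue
        seen.add(p)
        prof = profs.get(p, {})
        auths.update(prof.get("auths", []))
        stack.extend(prof.get("profiles", []))
    for role in (entry.get("roles", []) if via_roles else []):
        auths |= effective_auths(role, users, profs, via_roles=False)
    return auths
```

Authorizations reached through a role apply only after the user assumes that role, so pass `via_roles=False` to see what an account holds without assuming any role.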
More later as I dig through my notes and home directory...