Wishlist: Difference between revisions
(Project "Removing SUIDs/SGIDs" with a short synopsis.) |
(→Hardening: tcb Logins - short description and resources) |
||
| Line 18: | Line 18: | ||
= Hardening = | = Hardening = | ||
== tcb Logins == | |||
The goal of this is to remove the S currently needed for shadow logins. | |||
=== tcb resources === | |||
* [http://www.openwall.com/tcb/ tcb - the alternative to /etc/shadow] | |||
* [http://www.openwall.com/presentations/Owl/mgp00020.html tcb - slides] | |||
== Removing SUIDs/SGIDs == | == Removing SUIDs/SGIDs == | ||
Revision as of 06:27, 31 January 2015
 Do not follow instructions here until this notice is removed. |
Warning: This page is unofficial at the moment.
Project Wishlist
Ports
Security
Offensive
Defensive
Administration
Networks
Hardening
tcb Logins
The goal of this is to remove the S currently needed for shadow logins.
tcb resources
Removing SUIDs/SGIDs
It would be nice to see the elimination of these file permissions from Alpine. The reason for this is because throughout the years SUIDs/SGIDs have repeatedly been a source of exploits (esp. privilege escelation) for UNIX derivatives. It may be unfeasible or not unwise to completely ban these file permissions for all packages of Alpine but removing these permissions from Alpine base and X server has been proven to be doable and would provide safer Alpine systems out of the box.