From: Frank Ch. Eigler Date: Tue, 19 Jan 2010 22:19:12 +0000 (-0500) Subject: security: list some prudent security practices for stap-server X-Git-Tag: release-1.2~216^2~7 X-Git-Url: https://sourceware.org/git/?a=commitdiff_plain;h=596bbda30fd116c2d45c155ad347cc2d27186f3c;p=systemtap.git security: list some prudent security practices for stap-server --- diff --git a/stap-server.8.in b/stap-server.8.in index 1c69ca1c3..d44b60f0c 100644 --- a/stap-server.8.in +++ b/stap-server.8.in @@ -358,6 +358,28 @@ structures and potentially private user information. See the .IR stap (1) manual page for additional information on safety and security. +.PP +As a network server, stap-server should be activated with care in +order to limit the potential effects of bugs or mischevious users. +Consider the following prophylactic measures. +.TP +1 +Run stap-server as an unprivileged user, never as root. +.TP +2 +Run stap-server with resource limits that impose maximum +cpu time, file size, memory consumption, in order to bound +the effects of processing excessively large or bogus inputs. +.TP +3 +Run stap-server with a $TMPDIR environment variable that +points to a separate and/or quota-enforced directory, in +order to prevent filling up of important filesystems. +.TP +4 +Activate network firewalls to limit stap-client connections +to relatively trustworthy networks. + .PP The systemtap server and its related utilities use the Secure Socket Layer (SSL) as implemented by Network Security Services (NSS) @@ -399,6 +421,7 @@ Location of installed kernels. .IR stapprobes (3stap), .IR stapfuncs (3stap), .IR stapex (3stap), +.IR ulimit (1), .IR NSS , .IR certutil
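Review bot: "mischevious" in the introductory paragraph added by the @@ -358,6 +358,28 @@ hunk is misspelled and should read "mischievous". In item 2 of the same hunk, the advice to run with resource limits names no mechanism for setting them. Because this patch also adds ulimit(1) to SEE ALSO, an inline `.IR ulimit (1)` reference in that item would tie the advice to the tool. "cpu" in item 2 would also read better as "CPU".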
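Review bot: In the @@ -399,6 +421,7 @@ hunk, `.IR ulimit (1),` is placed after `.IR stapex (3stap),` and before `.IR NSS ,`, so a section 1 page follows the (3stap) entries. If the SEE ALSO list is meant to be grouped by manual section, the new entry belongs ahead of the (3stap) references rather than after them.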