From 596bbda30fd116c2d45c155ad347cc2d27186f3c Mon Sep 17 00:00:00 2001 From: "Frank Ch. Eigler" Date: Tue, 19 Jan 2010 17:19:12 -0500 Subject: [PATCH] security: list some prudent security practices for stap-server --- stap-server.8.in | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/stap-server.8.in b/stap-server.8.in index 1c69ca1c3..d44b60f0c 100644 --- a/stap-server.8.in +++ b/stap-server.8.in @@ -358,6 +358,28 @@ structures and potentially private user information. See the .IR stap (1) manual page for additional information on safety and security. +.PP +As a network server, stap-server should be activated with care in +order to limit the potential effects of bugs or mischevious users. +Consider the following prophylactic measures. +.TP +1 +Run stap-server as an unprivileged user, never as root. +.TP +2 +Run stap-server with resource limits that impose maximum +cpu time, file size, memory consumption, in order to bound +the effects of processing excessively large or bogus inputs. +.TP +3 +Run stap-server with a $TMPDIR environment variable that +points to a separate and/or quota-enforced directory, in +order to prevent filling up of important filesystems. +.TP +4 +Activate network firewalls to limit stap-client connections +to relatively trustworthy networks. + .PP The systemtap server and its related utilities use the Secure Socket Layer (SSL) as implemented by Network Security Services (NSS) @@ -399,6 +421,7 @@ Location of installed kernels. .IR stapprobes (3stap), .IR stapfuncs (3stap), .IR stapex (3stap), +.IR ulimit (1), .IR NSS , .IR certutil -- 2.43.5
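Review bot: In the introductory paragraph of the stap-server.8.in hunk at -358, "mischevious" is misspelled and should read "mischievous". In item 2, "maximum cpu time, file size, memory consumption" is missing its conjunction and would read better as "maximum CPU time, file size, and memory consumption". Item 4's "relatively trustworthy networks" gives an administrator no criterion to act on; consider stating that connections should be limited to the networks where the expected stap-client users reside.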
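Review bot: The SEE ALSO entry ".IR ulimit (1)," added in the hunk at -399 is not referenced anywhere in the new body text, so a reader of item 2 is never told that ulimit is the suggested way to set the CPU time, file size, and memory limits. Suggest naming it where the limits are described, for example "Run stap-server with resource limits (see ulimit (1)) that impose maximum ...", so the cross-reference has a visible purpose.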