Security Assessment

SAM Security Monitoring

• Documentation: How to add/modify SAM security tests

Completed tests

• None.

Pilot tests in Production

• Monitoring the validity of the CRL (CE-wn-sec-crl)

Pilot tests in Validation

• Check if files or directories included in environment variables have 'w' permission flag in Other group (CE-wn-sec-fp)

Tests in-work

• Checking the permissions of the filesystem (world writable files/dir taken from the environment variables, ownership of common configuration files, etc.) (Developer: David Collados)

Tests being considered

• Monitor processes that escaped from their process tree.
• Checking the validity of host cert, permissions thereof (?)
• Checking the validity of CAs (?)
• Checking the validity of gridmaps (?)
• Checking the clock skew (?)
• Checking the output of the "last" command (If a WN is accessed only by the pool account users or for administrative purposes, we should have no users other than "root") (?)
• Verify the main system RPMs (ex: SysVinit, coreutils) with "rpm --verify"
• Checking the patching status of the WN

Source code auditing

• Analyzing the VOMS source code (current being done)
• Using standard tools to audit the gLite WMS, gLite CE, MyProxy source code
  • Ref: http://www.us.debian.org/security/audit/tools
  • Ref: http://www.securityfocus.com/news/11417
    • ex: http://www.google.com/codesearch?q=glite+todo+%2Bsecurity&btnG=Search+Code
    • ex: http://www.google.com/codesearch?hl=en&lr=&q=glite+%2Bmktemp&btnG=Search

Penetration tests

• Testing potential remote vulnerabilities of network services (ex: blasting WMS network services with funny data)
• Trying to escalate as root on CEs/WNs
• Trying to obtain/use someone else's identity
• Trying to tamper with someone else's data

Findings will be reported to the Grid Security Vulnerability Group.

-- Romain Wartel