(Page 4 of 7)   < Prev  1 2 3 4 5 6 7  Next >

Category: Access Control » user privileges

Added 2002-01-23
by anthonyu
cage is a replacement for the chroot(8) utility. Like chroot, cage changes its root directory to the one specified and then executes your application. Before execing, however, cage drops all privileges that would allow the program to escape its jail.

Added 2002-01-16
by TecSec, Incorporated
TecSec®'s Constructive Key Management technology uniquely resolves critical information security and information management matters complicated by today's vastly networked world. The need to identify authorized users, protect and control sensitive information assets, and restrict access to information in compliance with privacy statutes and regulations has never been greater.

Added 2001-11-26
by Greg Warnes
ClusterNFS is a set of patches for the "Universal NFS Daemon" (UNFSD) to allow multiple clients to nfs mount the same root filesystem by providing "tagged" filenames. When a client requests the file "/path/filename", the ClusterNFS server checks for the existence of files of the form "/path/filename$$TAG=value$$". If such a file exists and the client has a matching value for KEY, this file is returned. If the client does not have a matching value or no such file exists, the file request proceeds as normal. Currently supported keys include HOST (hostname), IP (IP number), CLIENT (matches any nfs client) and CREATE (for "tagged" creation of files).

Added 2001-11-13
by Steve Fegan, flash@netsoc.ucd.ie
Flash is an attempt to address the security problems associated with giving local unix users full shell access. It is a (hopefully) secure shell which will only execute administrator defined programs, while also being very user friendly. Flash is fully windowed (using an ncurses interface), is driven by cursor keys, has hotkey support, has fascist logging support and more.

Linux Trustees
Added 2001-11-09
by Vyacheslav L. Zavadsky
The main goal of the Linux Trustees project is to create an advanced permission management system for Linux. The solution proposed is mainly inspired by the approach taken by Novell Netware and the Java security API. Special objects (called trustees) can be bound to every file or directory. The trustee object can be used to ensure that access to a file, directory, or directory with subdirectories is granted (or denied) to a certain user or group (or all except user or group). Trustees are like POSIX ACLs, but trustee objects can affect entire subdirectory trees, while ACLs a single file.

Added 2001-11-05
by Joerg Wendland
nss-pgsql is a name service switch (NSS) module using a PostgreSQL database as its backend. It is meant to completely replace the flat file structure in /etc for user and group management.

Added 2001-10-25
by Guillaume Morin
NSS-MySQL allows you to create Unix users or groups from a MySQL database. It features full passwd, group, and shadow support.

Electric Death Ferret
Added 2001-10-22
by Serge Egelman, serge@guanotronic.com
Electric Death Ferret is a PHP3 script for entering new domains and virtual hosts online so that they can be setup automagically by the included Perl daemon in both Apache, NcFTPd, and BIND. This also includes setup for suexec and also includes another PHP3 script for setting up system users. These system accounts are for dialup customers and mail-only accounts. There is also an option for creating aliases in Sendmail and for converting a full dialup account into a mail-only one (this is done by editing the RADIUS file).

Raw Sockets Disabler
Added 2001-10-22
by Delta Design UK
A proof-of-concept release to temporally disable Winsock Raw Socket functionality in Windows NT, 2000 and XP systems. Note: Winsock Raw Sockets are only disabled when this application is running. They are *not* permanently disabled. No modifications are made to any Operating System files. This was released in response to recent publications from Gibson Research Corporation (GRC.com) regarding Raw Sockets, to prove that such functionality can be readily disabled.

DummyIdentd Server Daemon
Added 2001-10-22
by Paul Gregg
DummyIdentd Server Daemon is a Perl program that accepts identd requests (port 113), and responds with a valid response, but giving out no useful information. It is written in Perl, and is suitable for running on company gateways/firewalls to enable your users to access services such as IRC, which require identd.

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus