0

I'm writing a master-control script to control our infrastructure. Security is a major concern so I'd like to address two issues:

I want the user to be able to execute the application then be prompted to 'login' to the program using the root credentials on the system(Linux - Ubuntu). Failure to authenticate will trigger an email event and lock the program. Can I authenticate against /etc/passwd? And how can I lockout the application?

Second, how do I secure the application from modification? I may have to hard-code certain attributes into the application. What are the ideal permissions for a script to be executed but not edited?

Improve this question
3
  • 2
    Perhaps you should make the script only executable by a superuser? Then require the user to use sudo / su to execute the script. Commented Jan 25, 2011 at 2:18
  • 1
    As for your second inquiry, python is not really a suitable candidate for obfuscation. You could ship the compiled .pyc files only, which are a little more harder to alter. Commented Jan 25, 2011 at 2:20
  • I should have mentioned. This script will reside on one of three C&C servers(Command and control). Commented Jan 25, 2011 at 2:22

1 Answer 1

Reset to default
2

While this is a non-trivial solution, the most secure way to do this is taking a client/server approach, making your master-control script a system service, only readable and runnable by root. You can fire up the service via init.d startup infrastructure.

When the service starts, you'd need to open a socket or RPC server to handle your control commands. On Python this can easily be done using Twisted.

To authenticate via /etc/passwd you can use the crypt and pwd Python modules.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

That is a very cool suggestion. I'm going to explore this. Will this prevent any hard-coded logins from being discovered?
@Jeffrey I suggest you avoid hard-coded logins since they can be brute forced. Also, if your source code gets leaked, the attacker would easily have acces to the credentials. The internal /etc/passwd auth mechanism has an auth token ring that helps the mitigation of a brute force attack.
Absolutely. I only mentioned that as an example because I actually want to stash other information in the script(non-login information) without worrying about it being read by anyone with access to the script and a text editor.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.