The security audit tool and part of an intrusion detection system.
- Targeted release: Fedora 12
- Last updated: (Aug 24 2009)
- Percentage of completion: 99,9%
The security tool that can be used both as a security audit as well as a part of an intrusion detection system. It consists of set of tests, library and textual/graphical frontend. Tests are sorted into groups and security levels. Administrators can run selected tests, groups or whole security levels.
Benefit to Fedora
Lower the attack surface by finding possible vulnerabilities, audit the system to find common problems to improve security and performance of scanning system. Encourage users to use Fedora on server and support other distributions based on Fedora like Red Hat Enterprise Linux or CentOS
- Split the current program to backend mechanism and frontend pieces to separate user part and administrator part of application.
- Dbus communication interface for backend
- opotion for not using dbus
- switch communication between backend and frontend to dbus and unix sockets
- PolicyKit integration
- Define policies for PolicyKit
- Improve GUI
- Better user authentication system
How To Test
There is no need for special hardware to test this feature.
install sectool and sectool-gui
$ yum install sectool*
Test the most basic functions to make sure sectool is able to start, etc.
sectool --help sectool --version
make sure that the version string is correct
check that the level numbers are sane test globbing: sectool --list \*home\*
sectool --info <test>
Users will have option to audit their system to improve security and performance. Users can choose between command line testing through dbus (or without dbus) and GUI testing tool. The whole system will be less vulnerable to attack.
This feature is not critical. Revert to previous release in case that could not be complete by the final feature freeze.
- Switch to using PolicyKit https://bugzilla.redhat.com/show_bug.cgi?id=502733
- Sectool and file capabilities https://bugzilla.redhat.com/show_bug.cgi?id=449990
- Arch dependent files in /usr/share https://bugzilla.redhat.com/show_bug.cgi?id=501825
- Bug in netserv test https://bugzilla.redhat.com/show_bug.cgi?id=503207
- Spurious warnings in filesystem test in mock chroots https://bugzilla.redhat.com/show_bug.cgi?id=503209
- FTBFS sectool-0.9.3-1.fc12 https://bugzilla.redhat.com/show_bug.cgi?id=511473
- Sectool is a security tool that can be used both as a security audit as well as a part of an intrusion detection system. It consists of set of tests, library and textual/graphical frontend. Tests are sorted into groups and security levels. Administrators can run selected tests, groups or whole security levels.
- Sectool is now using PolicyKit and dbus for better security in authentication actions.