About:
Silk Tree propagates /etc/passwd and /etc/group files from a master to a list of hosts via SSH. The sending and receiving ends connect to each other as a non-root user. A read-only sudo program on the receiver's side makes the final modifications in /etc. Many checks are made to ensure reliable authorization updates. ACLs are used to enforce a simple security policy. Differences between old and new versions are shown. Two small scripts are included for exporting LDAP users and groups.

Author:
Aleksandr O. Levchuk [contact developer]

Rating:	reset 1 2 3 4 5 6 7 8 9 10
(not rated)

Tar/GZ:
http://bioinfo.ucr.edu/~alevchuk/silktree-0.0.1.tar.gz

Trove categories: [change]

[Development Status]		5 - Production/Stable
[License]		OSI Approved :: GNU General Public License v3
[Programming Language]		Ruby
[Topic]		Security, System :: Networking :: LDAP

Dependencies: [change]
Portable OpenSSH (required)
Ruby (required)
[download links]

 Branches

Branch	Version	Last release	License	URLs
Default	0.0.1	06-May-2008	GNU General Public License v3

 Comments

[»] Is Silk Tree secure?
by Aleksandr O. Levchuk - May 8th 2008 11:47:04

The answer is no.

Silk Tree is an attempt to isolate the receiver side from the
sending side (master host), so that if the sending
side is compromised then the other side stays unaffected.

This goal is not archived because if the adversary is able
to ssh into the receiving side as the silktree user
then the adversary is able to push anything into the
/etc/passwd and /etc/group of the receiver.

The sending side is isolated from the receiving side
because of the one-way design of SSH and I am
careful not to start executing any data that is
gathered from the receiving side.

Having this said, I would still prefer Silk Tree over the
SSHing-as-root method.

--
-------------------------------------------- Aleksandr Levchuk University of California, Riverside 1-951-368-0004 --------------------------------------------

[reply] [top]