
TODOS

* ☒ SELinux

  • ☒ Download box configurations directly from Box instead of having local files
  • ☒ Download the output automatically and open on default editor. Download it with format scriptname_datetime
  • ☒ Graphically handle description field if it is very long

Topics

#SELinux, MLS, RAM Security

SELinux

Did some tests on weseth test and read some documentation.

MLS Security

After an analysis, it emerged that MLS is mainly used in highly structured organizations such as government and military bodies (DOD, FBI, CIA, …), and that it has a steep setup curve and requires a lot of effort to maintain. For this reason, it will not be analyzed further.

However, it emerged that MCS (Multi Category Security) could be a good candidate for protecting some of our use cases (e.g. Docker containers against each other). MCS is a subset of MLS.

RAM Security

Analyzed the procfs file system and tried to dump memory from a Linux process using root and a GitHub tool.

Talked with @Schiff and it seems that a confined user in user_t with the default Debian policies, even when escalated to root, cannot read data under /proc/{PID}/ other than that of its own processes. Further tests will be done.

  • ☒ SELinux specifications (how to protect things)
  • ☐ Check on Box os deb package → 24/10/2023
  • ☒ Monitoring, Notification and Execution specifications (service)
  • ☒ Test image manager specifications (service)
    • ☒ Docker base image specifications
      • ☒ Caching docker mechanism

ISSUES FOUND FOR DEMO

Image manager
  • User framework has no access to docker daemon → usermod -aG docker framework
  • Wrong ServiceName (CatalogManager instead of ImageManager)
Execution manager
  • Should get /input.json instead of input.json
  • Wrong monitor.log file
Server
  • Missing cors from requirements
  • Missing host from cors
  • Missing handling of multiple tests
  • Missing credentials in docker
TODO NOW:
  • ☒ Get up BoxClient on testing box
  • ☒ Get up Server and do a request on this
  • ☒ Get up frontend and test using this
Problems found:
  • ☐ If an error occurs, an "Executor is already running" error is thrown. Reset is not done correctly; [AV]
  • ☒ Server does not publish updates correctly if it stays up too long (or receives more than 1 request) [AV] (Probably just --noreload)
  • ☒ Box client does not receive updates correctly if it stays up too long (or receives more than 1 request) [MDF] (Actually almost always working, just be careful about shadow size)
  • ☒ Frontend has no output page implemented [RDR]
  • ☒ Frontend does not handle correctly nested tests [RDR]
  • ☒ Server must handle more than one script with a queue; [AV]
  • ☒ Server get is too slow. Implement a faster function [AV]
TODO For demo:
  • ☐ Test all test images on a real bench [UF, AV]
  • ☐ Install all from scratch on a clean box [AV]
  • ☐ Deploy frontend somewhere [AV]
  • ☒ Deploy server somewhere [AV]
  • ☒ Create all mappings for tests [UF]
  • ☐ Set more understandable notification messages [AV, MDF, UF]
  • ☐ TEST, TEST, TEST!!!