User:Jeblad/Safe development environment


This page assumes that the code you are developing or testing is inherently insecure, but that you must, for whatever reason, do the development or testing on your own machine. To say that the development or testing environment is insecure is not a critique of your skills, but a plain and simple description of how such environments are constructed. They consist of parts that are both experimental and unmaintained, and as soon as they are exposed to the internet they are vulnerable to attack. That is life, and we must try to live with it.

One way to cope with this is to isolate the vulnerable parts from whatever you don't want to lose, effectively creating a safe box and a shit box, where nothing in the shit box can touch anything you put in the safe box. That is the ideal case.

First of all: an environment created by chroot, or any derivative of it (containers included, since they share the host kernel), is not a security boundary. You can isolate dependencies inside it, but you cannot create an environment from which code on the inside is unable to reach the outside. A fully enclosed virtual machine with its own operating system is a lot better, but there are also known methods (hypervisor and guest-tools escapes) whereby code can break out from the inside and attack your safe box. It is better, but not completely safe.

Assume penetration, encrypt your safe box

When you are messing around with unsafe code, do not expect your home account to be safe. Assume penetration, and prepare for it. Your best defence is to encrypt your home environment, making it a safe box. Encrypt the whole system, not just your home directory: whatever you leave in plain text, such as swap, /tmp or /var, is where secrets and session files end up anyway. Be clear about what the encryption gives you. It protects the data at rest, that is when the machine is off or the volume is locked: an attacker who gets at the disk can neither read it nor alter it meaningfully, because changing ciphertext without the key produces garbage, so tampering tends to fail hard and you will notice. It does nothing for a volume that is unlocked while the unsafe code is running; code that escapes to the host at that point sees the same plain text you do. So lock or shut down the box whenever you are not actually using it.
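A quick check that the advice above has actually been followed, that is that the filesystems you care about (and not only /home) sit on a dm-crypt layer. This is an added example and not code from the original page; it assumes a Linux system with util-linux (findmnt and lsblk), and the sample output it evaluates is constructed here to show the "only /home is encrypted" half-measure.

```shell
#!/bin/sh
# Added example, not from the original page: check which mounted filesystems
# really sit on a dm-crypt (LUKS) layer. Assumes Linux with util-linux; a
# LUKS-backed filesystem has a device of TYPE "crypt" somewhere in its stack.

# stack_types MOUNTPOINT...: for each mountpoint print
#   "<mountpoint> <type of its device> <type of the parent> ..."
# leaf first, e.g. "/home crypt part disk" for a LUKS-backed partition or
# "/ part disk" for a plain one. This is the live check and needs a real system.
stack_types() {
  for mnt in "$@"; do
    src=$(findmnt -n -o SOURCE "$mnt") || { echo "$mnt unknown"; continue; }
    types=$(lsblk -l -n -s -o TYPE "$src" | tr '\n' ' ')
    echo "$mnt $types"
  done
}

# report_plain: read lines in the format above on stdin, print the mountpoints
# whose stack contains no "crypt" layer, and return 1 if any were found.
report_plain() {
  found=0
  while read -r mnt types; do
    case " $types " in
      *" crypt "*) ;;
      *) echo "$mnt"; found=1 ;;
    esac
  done
  return $found
}

# Constructed sample of stack_types output for a laptop where only /home was
# encrypted. The root filesystem (and with it /tmp, /var and any swap file) is
# plain, which is exactly the half-measure the text warns against. /boot is
# commonly left plain so the bootloader can read it; decide for yourself
# whether that is acceptable on your machine.
SAMPLE='/ part disk
/home crypt part disk
/boot part disk'

# Live usage (no root needed for findmnt/lsblk):
#   stack_types / /home /boot | report_plain && echo "all encrypted"
```

Run against the constructed sample, `report_plain` lists `/` and `/boot` as unencrypted and exits non-zero; on a fully encrypted system it prints nothing and exits zero, so it can sit in a login script as a reminder.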

When a disk or partition is fully encrypted you can run into other problems, most notably with w:NTFS in combination with w:Vagrant. It might work with specific versions, but it might also create problems. One way around is …

Smoke testing, ISO-style

Simple smoke testing to verify bugs often needs to be done against several operating systems, and several different browsers. Many distros have live-CDs that can be used for such testing, but usually they have only a single browser available.

In w:Ubuntu the simplest solution is to download the w:ISO image, place it in the folder /boot/grml and run sudo update-grub. This requires the grml-rescueboot package, whose GRUB hook scans that folder and adds a boot entry for every ISO it finds; only images that support being booted from a loop-mounted ISO (Ubuntu, Debian live, grml and the like) will work this way. Verify the image's checksum or signature before you boot it; an unsafe test environment is no reason to boot an unverified one.

You can find more about this at Grub2/ISOBoot#grml-rescueboot.
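The staging step from above as a script, added here as an example and not taken from the page, grml-rescueboot or any distribution: the ISO is copied into the GRUB folder and the menu regenerated only after its SHA256 matches the distributor's SUMS file. The folder (ISO_DIR, defaulting to /boot/grml), the function names and the file names are assumptions for illustration; the test data is constructed and not a real image.

```shell
#!/bin/sh
# Added example, not from the original page: stage a live ISO for
# grml-rescueboot only after its SHA256 matches the distributor's SUMS file
# (Ubuntu's SHA256SUMS uses "hash *file", others "hash  file"; both handled).
# ISO_DIR and the function names are assumptions for illustration.

ISO_DIR=${ISO_DIR:-/boot/grml}

# Portability shim: use shasum where coreutils' sha256sum is missing.
command -v sha256sum >/dev/null 2>&1 || sha256sum() { shasum -a 256 "$@"; }

# sha256_matches ISO SUMSFILE: succeed only if SUMSFILE lists the ISO's
# basename with a digest equal to the file's actual SHA256.
sha256_matches() {
  iso=$1 sums=$2
  expected=$(awk -v f="$(basename "$iso")" \
    '{ sub(/^\*/, "", $2); if ($2 == f) print $1 }' "$sums")
  if [ -z "$expected" ]; then
    echo "no entry for $(basename "$iso") in $sums" >&2
    return 1
  fi
  actual=$(sha256sum "$iso" | awk '{ print $1 }')
  [ "$actual" = "$expected" ]
}

# stage_iso ISO SUMSFILE: verify, copy into ISO_DIR and regenerate grub.cfg
# (update-grub is what the grml-rescueboot hook is run from; needs root).
stage_iso() {
  if ! sha256_matches "$1" "$2"; then
    echo "checksum mismatch, refusing to stage $1" >&2
    return 1
  fi
  mkdir -p "$ISO_DIR" && cp "$1" "$ISO_DIR"/ && update-grub
}

# Usage: sudo sh stage-iso.sh ubuntu-22.04-desktop-amd64.iso SHA256SUMS
if [ "$#" -eq 2 ]; then
  stage_iso "$1" "$2"
fi
```

A matching checksum only proves the download is the file the distributor published; if the SUMS file itself came over the same channel, check its GPG signature too, otherwise an attacker who can replace the ISO can replace the sums as well.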

Even if an attacker penetrates this environment it is still pretty safe, because a live session runs from RAM and there is nowhere for the attack to persist: it is gone at the next reboot. Strictly speaking persistence is possible, since the live session can mount the host's disks, but that takes a fair amount of work unless the environment has already been set up with persistent storage, and an encrypted host disk is unreadable to it anyway.