Posts

Showing posts from January, 2022

What does information security really mean?

Security is defined by the Merriam-Webster Dictionary [1] as "the quality or state of being secure." Secure itself is defined as "free from danger" or "free from risk of loss." If we have one million dollars and live in a utopian world, we will not be worried about the dangers that could threaten our money. We may leave our money in the street and label it with our name; no one will take it. Thus, the concepts of security and even trust are not relevant in this world, because we are sure that everyone is good and has good intentions. In a dystopian world, we are almost sure that dangers exist. Therefore, almost everyone is interested in our assets. In this world, security is critical, as it is the only way that allows us to survive. Trust is also relevant but should be used much less frequently than security. In the real world, we are between the utopian and dystopian worlds. We are not sure about the existence or absence of dangers, and yet we need to make decis...

RootAsRole: Tool to replace sudo/su for Linux

Traditionally, administering Linux systems is based on the existence of one powerful user (called the super user) who alone holds the full list of the system's privileges. This vision has been criticized because all programs executed in the context of the super user obtain far more privileges than they need. For example, tcpdump, a tool for sniffing network packets, needs only the privilege cap_net_raw to run. However, when executed in the context of the super user, tcpdump obtains the full list of the system's privileges. Thus, the traditional approach to Linux administration breaks the principle of least privilege, which requires that a process have only the privileges necessary to perform its job (i.e. sniffing network packets). An attacker may exploit vulnerabilities in tcpdump to compromise the whole system when the tcpdump process possesses the full list of root privileges. The Root As Role (RAR) module implements a role-based approach for distributing Linux capabilities into Linux use...

Some Drawings

I like drawing portraits and other things from time to time. So I have decided to share them on my blog to motivate myself to continue doing this activity....