... | ... | @@ -3,7 +3,9 @@ |
|
|
|
|
|
# 1. Kea Security
|
|
|
|
|
|
This page discusses various aspects related to Kea software security. This is a living document. This page will eventually be merged into [Kea ARM](https://kea.readthedocs.io).
|
|
|
This page discusses various aspects related to Kea software security. This is a living document. This page will eventually be merged into [Kea ARM](https://kea.readthedocs.io).
|
|
|
|
|
|
>> Vicky: I think it would be more appropriate for the ARM to address this from the perspective of, 'how can you improve the security of your Kea deployment' and provide more of a 'how to' approach.
|
|
|
|
|
|
The sections below are not listed in any particular order. This is not a recommendation for any specific practices. Many topics here are simply something to consider. In many cases, there's a trade-off between convenience and higher security. It is up to the administrator to make those choices.
|
|
|
|
... | ... | @@ -24,11 +26,19 @@ That is in contrast to ISC DHCP's server `dhcpd`, which is a single binary that |
|
|
|
|
|
Kea uses the DHCPv4 and DHCPv6 protocols, which assume the server will open privileged UDP port 67 (DHCPv4) or 547 (DHCPv6). Under normal circumstances that requires **root access**. However, with the use of the capabilities mechanism, Kea can run from an unpriviliged account. See [the Kea ARM](https://kea.readthedocs.io/en/kea-1.8.1/arm/install.html#running-kea-from-non-root-account-on-linux) for details.
|
|
|
|
|
|
## Kea Administrative access
|
|
|
|
|
|
?? Local access while on the machine is via a socket. Access is controlled by the operating system using file access permissions. ??
|
|
|
|
|
|
?? Kea configuration is controlled by a JSON file on the Kea server. This file can be viewed or edited by anyone with file permissions (permissions controlled by the operating system).
|
|
|
|
|
|
## Database connections
|
|
|
|
|
|
Kea can optionally use an external MySQL, PostgreSQL or Cassandra database to store configuration, host reservations or leases. The use of databases is a popular feature, but it is optional. It's also possible to store this data in a flat file on disk.
|
|
|
|
|
|
When using a database, credentials in the form of username, password, host, port and database name can be specified. Depending on the database configuration, it's also possible to check if the system user matches the database username. Consult MySQL or PostgreSQL manuals for details.
|
|
|
When using a database, Kea will store and use credentials in the form of username, password, host, port and database name in order to authenticate with the database. **These are stored (how? in clear text in the config file? or where?)**
|
|
|
|
|
|
Depending on the database configuration, it's also possible to check if the system user matches the database username. Consult MySQL or PostgreSQL manuals for details.
|
|
|
|
|
|
[how is the username and password stored/protected in Kea?]
|
|
|
|
... | ... | |