Package: ninja (0.1.3-2) [debports]
Links for ninja
- Homepage [forkbomb.org]
Privilege escalation detection system for GNU/Linux
Ninja is a privilege escalation detection and prevention system for GNU/Linux hosts. While running, it will monitor process activity on the local host, and keep track of all processes running as root. If a process is spawned with UID or GID zero (root), ninja will log necessary information about this process, and optionally kill the process if it was spawned by an unauthorized user. A "magic" group can be specified, allowing members of this group to run any setuid/setgid root executable. Individual executables can be whitelisted. Ninja uses a fine grained whitelist that lets you whitelist executables on a group and/or user basis. This can be used to allow specific groups or individual users access to setuid/setgid root programs, such as su(1) and passwd(1).
Other Packages Related to ninja