ninja - Privilege escalation detection system for GNU/Linux

Distribution: Ubuntu 12.04 LTS (Precise Pangolin)
Repository: Ubuntu Universe amd64
Package name: ninja
Package version: 0.1.3
Package release: 2
Package architecture: amd64
Package type: deb
Installed size: 164 B
Download size: 20.49 KB
Official Mirror:
Ninja is a privilege escalation detection and prevention system for GNU/Linux hosts. While running, it will monitor process activity on the local host, and keep track of all processes running as root. If a process is spawned with UID or GID zero (root), ninja will log necessary information about this process, and optionally kill the process if it was spawned by an unauthorized user. A "magic" group can be specified, allowing members of this group to run any setuid/setgid root executable. Individual executables can be whitelisted. Ninja uses a fine grained whitelist that lets you whitelist executables on a group and/or user basis. This can be used to allow specific groups or individual users access to setuid/setgid root programs, such as su(1) and passwd(1).



    Binary package: ninja_0.1.3-2_amd64.deb
    Source package: ninja

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install ninja deb package:
      # sudo apt-get install ninja


    • /etc/default/ninja
    • /etc/init.d/ninja
    • /etc/logcheck/ignore.d.server/ninja
    • /etc/logrotate.d/ninja
    • /etc/ninja/ninja.conf
    • /etc/ninja/whitelist
    • /usr/sbin/ninja
    • /usr/share/doc/ninja/changelog.Debian.gz
    • /usr/share/doc/ninja/changelog.gz
    • /usr/share/doc/ninja/copyright
    • /usr/share/doc/ninja/examples/default.conf
    • /usr/share/doc/ninja/examples/simple.wlist
    • /usr/share/man/man8/ninja.8.gz


    2010-01-10 - William Vera <> ninja (0.1.3-2) unstable; urgency=low * Fixed logrotate file typo. (Closes: #563328). * Added a default logcheck ignore file. (Closes: #563329). * Fixed incorrect init script dependencies. (Closes: #567443). * Changed and fixed initscript. (Closes: #563989). * Added a preinst script to create a logfile. (Closes: #568780).

    2009-12-04 - William Vera <> ninja (0.1.3-1) unstable; urgency=low * New upstream release. * This version fix segfault on x86_64 platforms. (Closes: #559257). * Updated copyright file to GPL-2. * Added logrotate as depend at control file. * Added dh_installlogrotate at rules file. * Modified ninja.conf to use a logfile. * Fixed initscript.

    2009-12-03 - William Vera <> ninja (0.1.2-6) unstable; urgency=low * Fixed initscript to capture the pid properly. (Closes: #559258). * Customized default whitelist for Debian. (Closes: #558997). * Changed the config file, automatics kills enabled. (Closes: #559259).

    2009-11-08 - William Vera <> ninja (0.1.2-5) unstable; urgency=low * Changed ninja.conf to to prevent postinst fail (Closes: #555200).

    2009-10-31 - William Vera <> ninja (0.1.2-4) unstable; urgency=low * Added a default config files at /etc/ninja. * Added a initscript (Closes: #550545). * Updated Standards Version to 3.8.3. * Added ${misc:Depends} at debian/control. * Updated debhelper version at debian/control.

    2009-05-08 - William Vera <> ninja (0.1.2-3) unstable; urgency=low * Fixed typo in package description: GNU\Linux (Closes: #515174). * Corrected the date of initial release in the copyright file. * Updated the compat version to 5. * Updated the Standards-Version to 3.8.1.

    2008-08-11 - William Vera <> ninja (0.1.2-2) unstable; urgency=low * Updated standards version to 3.8.0. * Updated Homepage in control file. * Added watch file.

    2007-07-04 - William Vera <> ninja (0.1.2-1) unstable; urgency=low * Initial release (Closes: #325824)