Re: secure computing for 2.6.7

From: Bernd Eckenfels
Date: Sun Aug 01 2004 - 13:53:52 EST

Next message: Adrian Bunk: "[2.6 patch] let AIC7{9,X}XX_BUILD_FIRMWARE depend on !PREVENT_FIRMWARE_BUILD"
Previous message: Bart Alewijnse: "FAT trouble in 2.6.8-rc2-mm1"
In reply to: chris: "Re: secure computing for 2.6.7"
Next in thread: Alan Cox: "Re: secure computing for 2.6.7"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In article <Pine.LNX.4.58.0408011801260.1368@xxxxxxxxxxxxxxxxxxxxxxxx> you wrote:
> How hard would it be to have a per-task bitmap of syscalls allowed? This
> way, a task could restrict to the exact subset of syscalls required for
> maximum security.

Which somewhat overlaps with the user-priveldeges patches and some lsm
modules, so i am not sure if this needs to be small and lean to be useful on
its own.

Bernd
--
eckes privat - http://www.eckes.org/
Project Freefire - http://www.freefire.org/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Adrian Bunk: "[2.6 patch] let AIC7{9,X}XX_BUILD_FIRMWARE depend on !PREVENT_FIRMWARE_BUILD"
Previous message: Bart Alewijnse: "FAT trouble in 2.6.8-rc2-mm1"
In reply to: chris: "Re: secure computing for 2.6.7"
Next in thread: Alan Cox: "Re: secure computing for 2.6.7"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]