Re: [PATCH] [request for inclusion] Realtime LSM

From: Martin Mares
Date: Fri Jan 07 2005 - 11:07:09 EST

Next message: Arjan van de Ven: "Re: [PATCH] [request for inclusion] Realtime LSM"
Previous message: Lukasz Trabinski: "uselib() & 2.6.X?"
In reply to: Paul Davis: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Paul Davis: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello!

> >yes; most distributions will use pam for this, you can set per user or per
> >gorup limits there.
>
> isn't that a uid/gid based system? ok, i'm being a little snide :)

:) The big difference between this and a pure uid/gid based system is that
pam_limits is not the only place where you can change the ulimits. If your
system is simple enough that deciding on uid/gid is enough, you can use
pam_limits; if not and you for example want to make the limits depend
on the phase of the moon, it's easy to do so -- just write a simple user space
program which will set the limits accordingly. Also, if the user wishes to
restrict his abilities, because he's going to do some experiment and he
doesn't want to lock up the machine, he can easily do so.

Except for filesystem permissions, I think that it's exactly the usual UNIX
way of controlling access -- the kernel takes care of access checks based
on some trivial attributes like ulimits and capabilities, and user space
decides who should get which. I don't see any reason why the right to use
realtime scheduling should be treated differently. Do you?

It's quite probable that the current system of capabilities is not well
suited for this, but I think that although it's tempting to work around it
by introducing a new security module, in the long term it's much better
to extend and/or fix the capabilities -- I don't see any fundamental reason
for capabilities being unusable for this goal, it's much more likely to be
just minor details in the implementation.

Have a nice fortnight
--
Martin `MJ' Mares <mj@xxxxxx> http://atrey.karlin.mff.cuni.cz/~mj/
Faculty of Math and Physics, Charles University, Prague, Czech Rep., Earth
Always remember that you are absolutely unique ... just like everyone else.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Arjan van de Ven: "Re: [PATCH] [request for inclusion] Realtime LSM"
Previous message: Lukasz Trabinski: "uselib() & 2.6.X?"
In reply to: Paul Davis: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Paul Davis: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]