Re: [RFC] Virtualization steps

From: Sam Vilain
Date: Wed Mar 29 2006 - 21:21:58 EST

Next message: Nick Piggin: "Re: Fix unlock_buffer() to work the same way as bit_unlock()"
Previous message: Yasunori Goto: "[Patch:011/011] Configureable NODES_SHIFT (for sh)"
In reply to: Serge E. Hallyn: "Re: [RFC] Virtualization steps"
Next in thread: Eric W. Biederman: "Re: [RFC] Virtualization steps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Eric W. Biederman wrote:

>I think what we really want are stacked security modules.
>
>I have not yet fully digested all of the requirements for multiple servers
>on the same machine but increasingly the security aspects look
>like a job for a security module.
>
>Enforcing policies like container A cannot send signals to processes
>in container B or something like that.
>
>

We could even end up making security modules to implement standard unix
security. ie, which processes can send any signal to other processes.
Why hardcode the (!sender.user_id || (sender.user_id == target.user_id)
) rule at all? That rule should be the default rule in a security module
chain.

I just think that doing it this way is the wrong way around, but I guess
I'm hardly qualified to speak on this. Aren't security modules supposed
to be for custom security policy, not standard system semantics ?

Sam.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nick Piggin: "Re: Fix unlock_buffer() to work the same way as bit_unlock()"
Previous message: Yasunori Goto: "[Patch:011/011] Configureable NODES_SHIFT (for sh)"
In reply to: Serge E. Hallyn: "Re: [RFC] Virtualization steps"
Next in thread: Eric W. Biederman: "Re: [RFC] Virtualization steps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]