Re: Security patch for /proc

Alexander Kjeldaas (astor@guardian.no)
Sun, 5 Apr 1998 22:21:01 +0200


On Sun, Apr 05, 1998 at 08:14:53AM -0400, Raul Miller wrote:
> Jeremy Fitzhardinge <jeremy@zip.com.au> wrote:
> > - I disallow access to all proc entries for a process, which is
> > probably a little draconian.
>
> Hmm... what about when chroot is used to bring up the system (in a
> fashion analogous to initrd, but without being ramdisk specific)?
>
> I think what you'd really need for security is not just chroot, but
> something to declare certain file systems (and their corresponding
> devices) off limits to a process and its descendants. Then it wouldn't
> matter how the references to those file systems were generated.
>

This can be achieved with what is called 'type enforcement'. Basically
you assign a type to all files on the system. Then you let processes
be allowed certain operations on types of files. Type enforcement is a
type of mandatory access control.

What people often really want when you use chroot is some sort of
mandatory access control to files on the system. What *I* usually want
when I use chroot is to have a 'machine within the machine' - to be
able to bootstrap a system for example. That's what chroot is good
for.

astor

-- 
 Alexander Kjeldaas, Guardian Networks AS, Trondheim, Norway
 http://www.guardian.no/
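A toy model of the type enforcement described above, added here as an example and not part of the original thread: every on-disk object carries a type, every process runs in a domain, and a policy table says which (domain, type) pairs may perform which operations. Because the decision is made on the object's label rather than the path string, it does not matter how a reference to the object was generated (a second path, a bind-mounted /proc inside the jail). The labels, inode numbers, paths and the `Policy`/`bootstrap_policy` names are all constructed assumptions.

```python
"""Toy type-enforcement check (constructed illustration, not a real MAC
implementation): objects get a type, processes a domain, and a policy
lists the operations allowed per (domain, type)."""
from dataclasses import dataclass, field

# Constructed labels keyed by inode, so every path, hard link or chroot
# view that resolves to the same object gets the same type.
INODE_TYPES = {
    1001: "proc_t",     # /proc entries
    2001: "etc_t",      # host system configuration
    3001: "build_t",    # files belonging to the bootstrap chroot
    4001: "rawdisk_t",  # raw block devices
}
# Constructed path -> inode table; note two names for inode 1001.
PATH_TO_INODE = {
    "/proc/1/mem": 1001,
    "/chroot/proc/1/mem": 1001,   # /proc bind-mounted into the jail
    "/etc/shadow": 2001,
    "/chroot/etc/shadow": 3001,   # the jail's own copy, a different object
    "/chroot/work/src.c": 3001,
    "/dev/hda": 4001,
}

@dataclass
class Policy:
    # allow[domain][type] -> set of permitted operations
    allow: dict = field(default_factory=dict)

    def permit(self, domain, ftype, *ops):
        self.allow.setdefault(domain, {}).setdefault(ftype, set()).update(ops)

    def check(self, domain, path, op):
        """True if a process in `domain` may do `op` on the object at `path`.
        Only the object's type is consulted, never the path itself."""
        ftype = INODE_TYPES.get(PATH_TO_INODE.get(path))
        if ftype is None:
            return False  # unlabelled objects are denied by default
        return op in self.allow.get(domain, {}).get(ftype, set())

def bootstrap_policy():
    """'Machine within the machine' bootstrap: the build domain may only
    touch build_t; proc_t and rawdisk_t stay off limits whatever name is
    used to reach them."""
    p = Policy()
    p.permit("build_d", "build_t", "read", "write", "execute")
    p.permit("admin_d", "etc_t", "read", "write")
    p.permit("admin_d", "proc_t", "read")
    return p
```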
