Re: request: capabilities that allow users to drop privileges further
From: Chris Wright
Date: Tue Dec 16 2003 - 20:43:31 EST
* Felix von Leitner (felix-kernel@xxxxxxx) wrote:
> Imagine being able to call "gzip -dc" in a pipe and denying it write
> access to the file system, network I/O and other harmful operations.
> If programs can restrict themselves, we could write email client
> software that uses external untrusted plugins without fear of buffer
> overflows or catching yourself a root kit.
Write some SELinux policies for the email and web server that do what
you'd like. The LSM infrastructure allows you to control all these
things, and SELinux gives a configuration language to do this with.
Or you can write a simple module to do just what you'd like.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/