Re: [patch 1/2] [RFC] Simple tamper-proof device filesystem.
From: AstralStorm
Date: Tue Dec 18 2007 - 10:23:02 EST
On Mon, 17 Dec 2007 16:05:31 +0300
Al Boldi <a1426z@xxxxxxxxx> wrote:
> Indan Zupancic wrote:
> > On Mon, December 17, 2007 01:40, Tetsuo Handa wrote:
> > I think you can better spend your time on read-only bind mounts.
>
> That would be too coarse.
>
Actually, who needs to create device nodes? Just prohibit everyone from
creating them, except "installer" and "udev" personality.
This means removing CAP_MKNOD on a global scale.
(OTOH, both don't need CAP_SYS_ADMIN. Maybe udev needs
CAP_SYS_MODULE...)
Now, stopping people from faking hotplug events is totally another
story. Is that currently possible?
Attachment:
signature.asc
Description: PGP signature