Re: ideas for kernel 2.1

Aaron Ucko (UCKO@vax1.rockhurst.edu)
Sat, 15 Jun 1996 20:21:58 -0600 (CST)


>> *** Warning only the truly security PARANOIDs will like this ***
>>
>> Forcing registration with a "machine assigned" magic cookie
>> in each binary before it could access superuser functions in the
>> kernel. With ever increasing security risks both system dependent
>> and independent. For example rogue Java scripts and programs,
>> viruses and the like specific to Linux (not that I have ever
>> seen such an animal).
>>
>> The kernel would require a machine dependent magic cookie to be
>> registered before programs would be allowed to access suser
>> functions. The following are examples of programs that would
>> require modifications to run in this secure environment,
>> i.e. fdformat, fdisk, setserial, etc. Once compiled the binaries
>> would be stored in a secure place (a non-loaded floppy disk).
>
>Using securelevel and the immutable attribute of ext2 would solve
>your problem without your suggestion's problems.

Better yet, isn't this the sort of thing POSIX.6 permissions were
designed for? Just give each program the permissions it needs...
(There's a mailing list for such discussion, but I can't remember
the address. Sorry.)

-- Aaron Ucko (ucko@vax1.rockhurst.edu; finger for PGP public key) | httyp!
"That's right," he said. "We're philosophers. We think, therefore we am."
-- Terry Pratchett, _Small Gods_ | Geek Code 3.1 [for explanation, finger
hayden@mankato.msus.edu]: GCS/M/S/C d- s: a18 C++(+++)>++++ UL++>++++ P++
L++>+++++ E- W(-) N++(+) o+ K- w--- O M@ V-(--) PS++(+++) PE- Y(+) PGP(+) t(+)
!5 X-- R(-) tv-@ b++(+++) DI+ !D-- G++(+++) e->+++++(*) h!>+ r-(--)>+++ y?