|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Finer-grained securelevel: proof of concept
Poul-Henning Kamp (phk
critter.freebsd.dk)
Fri, 22 Oct 1999 00:01:05 +0200
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Robert Watson: "Re: Finer-grained securelevel: proof of concept"
- Previous message: Gene Harris: "Re: Natd problem"
- In reply to: Josué José Souza Jr.: "Natd problem"
- Next in thread: Robert Watson: "Re: Finer-grained securelevel: proof of concept"
- Reply: Robert Watson: "Re: Finer-grained securelevel: proof of concept"
In message <Pine.BSF.3.96.991021083426.46884A-100000fledge.watson.org>, Robert
Watson writes:
>On 21 Oct 1999, Dag-Erling Smorgrav wrote:
>
>> Patches are available from http://www.freebsd.org/~des/. This is
>> strictly proof-of-concept; the patches demonstrate that fine-grained
>> security knobs can be implemented with minimal code impact. No
>> documentation is provided, RTFS.
>
>Very clean, pretty, etc -- only one object:
I have been talking to a lot of people over here, and one common
thing seems to be that they want to be able to set these things
differently on a "per jail" basis.
I actually think we should not get into the jail thing, but rather
make them inheritable like other credentials, so the structure
containing the stuff should hang of the proc structure, and hey
wait, we already have this "struct ucred" hanging there.
-- Poul-Henning Kamp FreeBSD coreteam member phkTo Unsubscribe: send mail to majordomo
- Next message: Robert Watson: "Re: Finer-grained securelevel: proof of concept"
- Previous message: Gene Harris: "Re: Natd problem"
- In reply to: Josué José Souza Jr.: "Natd problem"
- Next in thread: Robert Watson: "Re: Finer-grained securelevel: proof of concept"
- Reply: Robert Watson: "Re: Finer-grained securelevel: proof of concept"
This archive was generated by hypermail 2.0b3 on Thu Oct 21 1999 - 17:01:38 CDT