OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
FreeBSD Security Archives: Re: Finer-grained securelevel: proof

Re: Finer-grained securelevel: proof of concept


Poul-Henning Kamp (phkcritter.freebsd.dk)
Fri, 22 Oct 1999 00:01:05 +0200


In message <Pine.BSF.3.96.991021083426.46884A-100000fledge.watson.org>, Robert
 Watson writes:
>On 21 Oct 1999, Dag-Erling Smorgrav wrote:
>
>> Patches are available from http://www.freebsd.org/~des/. This is
>> strictly proof-of-concept; the patches demonstrate that fine-grained
>> security knobs can be implemented with minimal code impact. No
>> documentation is provided, RTFS.
>
>Very clean, pretty, etc -- only one object:

I have been talking to a lot of people over here, and one common
thing seems to be that they want to be able to set these things
differently on a "per jail" basis.

I actually think we should not get into the jail thing, but rather
make them inheritable like other credentials, so the structure
containing the stuff should hang of the proc structure, and hey
wait, we already have this "struct ucred" hanging there.

--
Poul-Henning Kamp             FreeBSD coreteam member
phkFreeBSD.ORG               "Real hackers run -current on their laptop."
FreeBSD -- It will take a long time before progress goes too far!

To Unsubscribe: send mail to majordomoFreeBSD.org with "unsubscribe freebsd-security" in the body of the message



This archive was generated by hypermail 2.0b3 on Thu Oct 21 1999 - 17:01:38 CDT