DragonFly users List (threaded) for 2008-05
DragonFly BSD

Re: OT: setrlimit equivalent to prevent unlink or truncate


From: Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 30 May 2008 15:01:43 -0700 (PDT)

:> if it works, mounting the FS readonly should work..
:> 
:> also, chflags might be helpful..
:> 
:> or is this a coding question about coding the program that calls 
:> setrlimit() ?
:> 
:
:Yes, the latter. In a program I want to exec another binary with
:limited privileges.

    I've thought about this problem off and on for ages, looking at
    FreeBSD's extattr stuff and OpenBSD's syscall filters.  Frankly,
    I don't like either solution.  The filesystem-based solution looks
    almost impossible to manage and the syscall filter mechanic alone
    is like a big stick with no fine control.

    What I would like to implement (or see implemented) is an inherited
    capability and audit control list which specifies restrictions on
    filesystem, network, and syscall access.  The capabilities can only
    become more restrictive as they pass down the inheritance chain and
    there would also be a capability to govern the inheritance itself
    (separate capabilities for fork, exec, and uid/gid changes).

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>
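The inheritance semantics Matt sketches above (a capability set that can only shrink as it passes from parent to child, with separate bits gating fork, exec and uid changes, plus an audit mask that decides which denials get logged) can be modelled in user space. The C below is an added illustration of that model, not code from this thread or from DragonFly, and every name in it (the CAP_* bits, capset_t, capset_restrict, capset_fork, capset_exec, capset_check, demo) is invented for the example; a kernel would keep the set in the process structure and evaluate it at the syscall boundary rather than in a library. The scenario at the end is the one the original poster asked about: a parent executes a helper that may still write files but can no longer unlink or truncate, and the helper cannot get those bits back.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical capability bits chosen for this example; these are not
 * DragonFly identifiers. */
enum {
    CAP_FS_UNLINK   = 1u << 0,
    CAP_FS_TRUNCATE = 1u << 1,
    CAP_FS_WRITE    = 1u << 2,
    CAP_NET_CONNECT = 1u << 3,
    CAP_NET_LISTEN  = 1u << 4,
    /* bits governing the inheritance mechanism itself */
    CAP_INH_FORK    = 1u << 5,
    CAP_INH_EXEC    = 1u << 6,
    CAP_INH_SETUID  = 1u << 7,
};

typedef struct {
    uint32_t caps;   /* what this process may do */
    uint32_t audit;  /* which denials should be logged */
} capset_t;

/* Narrowing is the only mutation: bits can be cleared, never set.
 * Returns false and leaves *cs untouched if the request tries to add a bit. */
bool capset_restrict(capset_t *cs, uint32_t keep)
{
    if (keep & ~cs->caps)
        return false;
    cs->caps = keep;
    return true;
}

/* fork: the child starts with exactly the parent's set, and only if the
 * parent holds CAP_INH_FORK. */
bool capset_fork(const capset_t *parent, capset_t *child)
{
    if (!(parent->caps & CAP_INH_FORK))
        return false;
    *child = *parent;
    return true;
}

/* exec: the new image runs with the intersection of the parent's set and a
 * mask chosen for that image, gated by CAP_INH_EXEC. */
bool capset_exec(const capset_t *parent, uint32_t image_mask, capset_t *out)
{
    if (!(parent->caps & CAP_INH_EXEC))
        return false;
    out->caps = parent->caps & image_mask;
    out->audit = parent->audit;
    return true;
}

/* uid/gid changes are allowed only while CAP_INH_SETUID is held. */
bool capset_may_setuid(const capset_t *cs)
{
    return (cs->caps & CAP_INH_SETUID) != 0;
}

/* Check at a syscall boundary. Writes an audit line into log (if non-NULL)
 * when the denied bit is also in the audit mask. */
bool capset_check(const capset_t *cs, uint32_t needed, const char *what,
                  char *log, size_t loglen)
{
    if ((cs->caps & needed) == needed)
        return true;
    if (log && loglen && (cs->audit & needed))
        snprintf(log, loglen, "capability denied: %s (needed 0x%x, have 0x%x)",
                 what, (unsigned)needed, (unsigned)cs->caps);
    return false;
}

/* Worked scenario: a fully privileged parent forks a helper, drops unlink
 * and truncate before exec, and the helper then tries to misbehave.
 * Returns 0 when every step behaves as the model requires. */
int demo(char *log, size_t loglen)
{
    capset_t parent = { .caps = 0xffffffffu,
                        .audit = CAP_FS_UNLINK | CAP_FS_TRUNCATE };
    capset_t helper, image;

    if (!capset_fork(&parent, &helper))
        return -1;
    /* drop unlink/truncate, keep everything else */
    if (!capset_restrict(&helper, helper.caps & ~(CAP_FS_UNLINK | CAP_FS_TRUNCATE)))
        return -2;
    if (!capset_exec(&helper, 0xffffffffu, &image))
        return -3;
    /* the exec'd image cannot regain unlink */
    if (capset_restrict(&image, image.caps | CAP_FS_UNLINK))
        return -4;
    /* write still allowed; unlink denied and audited */
    if (!capset_check(&image, CAP_FS_WRITE, "write", log, loglen))
        return -5;
    if (capset_check(&image, CAP_FS_UNLINK, "unlink", log, loglen))
        return -6;
    return 0;
}

int main(void)
{
    char log[128] = "";
    int rc = demo(log, sizeof log);
    printf("demo rc=%d\n%s\n", rc, log);
    return rc;
}
```

The property worth noticing is that capset_restrict is the only way the set changes and it can only clear bits, so any chain of fork, restrict and exec yields a set that is a subset of every ancestor's; a kernel implementation would enforce the same thing by making the intersection in the fork/exec path the only writer.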


