From: Christian Borntraeger <kernel@borntraeger.net>
To: root@chaos.analogic.com, Felix von Leitner <felix-kernel@fefe.de>
Cc: linux-kernel@vger.kernel.org
Subject: Re: request: capabilities that allow users to drop privileges further
Date: Mon, 15 Dec 2003 23:55:41 +0100 [thread overview]
Message-ID: <200312152355.41980.kernel@borntraeger.net> (raw)
In-Reply-To: <Pine.LNX.4.53.0312151700320.15531@chaos>
Richard B. Johnson wrote:
> On Mon, 15 Dec 2003, Felix von Leitner wrote:
> > I would like to be able to drop capabilities that every normal user
[...]
> > security problems further. For example, I want my non-cgi web server
[...]
> > * fork
> > * execve
> > * ptrace
[...]
> So you expect kernel support? Normally, real people write or
> modify applications to provide for specific exceptions to
> the standards. They don't expect an operating system to
> modify itself to unique situations. That's not what
> operating systems have generally done in the past.
[...]
I dont agree. Policy is userspace but enforcing the policy very often needs
kernel support.
Having ACL in 2.6 is an example where operating system already adopted to
special needs. Furthermore, the kernel is already able to drop special
capabilites, like module loading. Having a generalised capabilites model
is a good idea and there are already some more or less usable security
modules.
cheers
Christian
next prev parent reply other threads:[~2003-12-15 22:56 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-12-15 21:39 request: capabilities that allow users to drop privileges further Felix von Leitner
2003-12-15 22:10 ` Richard B. Johnson
2003-12-15 22:55 ` Christian Borntraeger [this message]
2003-12-16 14:08 ` Martin Waitz
2003-12-15 22:34 ` Christian Borntraeger
2003-12-15 22:48 ` Chris Wright
2003-12-16 14:13 ` Martin Waitz
2003-12-17 1:30 ` Felix von Leitner
2003-12-17 1:41 ` Chris Wright
2003-12-16 13:27 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200312152355.41980.kernel@borntraeger.net \
--to=kernel@borntraeger.net \
--cc=felix-kernel@fefe.de \
--cc=linux-kernel@vger.kernel.org \
--cc=root@chaos.analogic.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox