From: Sam Vilain <sam@vilain.net>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Chris Wright <chrisw@sous-sol.org>,
Nick Piggin <nickpiggin@yahoo.com.au>,
Herbert Poetzl <herbert@13thfloor.at>,
Bill Davidsen <davidsen@tmr.com>,
Linux Kernel ML <linux-kernel@vger.kernel.org>,
"Serge E. Hallyn" <serue@us.ibm.com>
Subject: Re: [RFC] Virtualization steps
Date: Thu, 30 Mar 2006 14:24:40 +1200
Message-ID: <442B4168.6070806@vilain.net>
In-Reply-To: <m1psk4g2xa.fsf@ebiederm.dsl.xmission.com>
Eric W. Biederman wrote:
> I think what we really want are stacked security modules.
>
> I have not yet fully digested all of the requirements for multiple servers
> on the same machine but increasingly the security aspects look
> like a job for a security module.
>
> Enforcing policies like container A cannot send signals to processes
> in container B or something like that.
>
We could even end up making security modules to implement standard Unix
security, i.e., which processes can send any signal to other processes.
Why hardcode the (!sender.user_id || (sender.user_id == target.user_id))
rule at all? That rule should be the default rule in a security module
chain.

I just think that doing it this way is the wrong way around, but I guess
I'm hardly qualified to speak on this. Aren't security modules supposed
to be for custom security policy, not standard system semantics?
Sam.
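To make the idea concrete, here is an added illustration (not code from this thread, nor from the kernel's LSM framework) of a stacked chain of signal-permission modules: the standard Unix rule Sam quotes is the first link, and the "container A cannot signal container B" policy from Eric's mail is the second. The `struct task`, `kill_hook_t`, `stacked_task_kill` and the container field are hypothetical names for this model only; the real kernel check also considers effective/saved uids and CAP_KILL, and the real LSM task_kill hook has a different signature.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Minimal task model for this illustration (hypothetical, not the kernel's
 * task_struct): a user id and a container id.  Container 0 is the host. */
struct task {
    unsigned int uid;
    unsigned int container;
};

/* Each security module contributes one kill hook: 0 allows, -EPERM denies. */
typedef int (*kill_hook_t)(const struct task *sender,
                           const struct task *target, int sig);

/* Module 1: the standard Unix rule quoted in the thread, expressed as a
 * module rather than hardcoded.  Root may signal anyone; everyone else may
 * only signal tasks running under the same uid. */
static int unix_default_kill(const struct task *sender,
                             const struct task *target, int sig)
{
    (void)sig;
    if (!sender->uid || sender->uid == target->uid)
        return 0;
    return -EPERM;
}

/* Module 2: the container policy from Eric's mail.  The host may signal
 * into any container; a containerised task may only signal within its own. */
static int container_kill(const struct task *sender,
                          const struct task *target, int sig)
{
    (void)sig;
    if (sender->container == 0 || sender->container == target->container)
        return 0;
    return -EPERM;
}

/* The stacked chain, default rule first.  Stacking is restrictive: every
 * module must allow, and the first denial is the one reported. */
static const kill_hook_t chain[] = { unix_default_kill, container_kill };

/* Dispatcher that walks the chain (hypothetical name, not the kernel's). */
int stacked_task_kill(const struct task *sender, const struct task *target,
                      int sig)
{
    for (size_t i = 0; i < sizeof chain / sizeof chain[0]; i++) {
        int rc = chain[i](sender, target, sig);
        if (rc)
            return rc;
    }
    return 0;
}

/* Constructed sample tasks: uid 1000 exists in both container 1 and 2. */
const struct task host_root = { 0,    0 };
const struct task a_user    = { 1000, 1 };
const struct task a_user2   = { 1000, 1 };
const struct task b_user    = { 1000, 2 };
const struct task b_other   = { 1001, 2 };

int main(void)
{
    struct { const char *name; const struct task *s, *t; } cases[] = {
        { "same uid, same container",    &a_user,    &a_user2 },
        { "same uid, other container",   &a_user,    &b_user  },
        { "host root into a container",  &host_root, &b_user  },
        { "other uid, same container",   &b_user,    &b_other },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-30s -> %s\n", cases[i].name,
               stacked_task_kill(cases[i].s, cases[i].t, 15) ? "EPERM"
                                                             : "allowed");
    return 0;
}
```

The second case is the one that matters for the thread: uid 1000 in container 1 and uid 1000 in container 2 satisfy the Unix rule on its own, so only the container module in the chain turns that cross-container signal into EPERM. Putting the Unix rule into the chain rather than hardcoding it is what lets it be composed with, or replaced by, such a policy.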