Re: Special Kernel Modification

• Next message: Jeff Dike: "Re: Special Kernel Modification"
• Previous message: Rik van Riel: "Re: Special Kernel Modification"
• In reply to: Alan Cox: "Re: Special Kernel Modification"
• Next in thread: Ryan Cumming: "Re: Special Kernel Modification"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

can you point me to a site so i can learn more about that binding of mounts? i recently heard something about that in plan 9, and it sounds very interesting. union mounting they call it also, correct?

On Mon, 5 Nov 2001 00:22:27 +0000 (GMT), Alan Cox wrote:
> > I have look into using things like "chroot" to restrict the users for
> > this very special server, but that solution is not what we need.
>
> It sounds like it is to me
>
> > My problem is that I need to find a way to prevent the user from
> > navigating out of their home directories.
>
> Then you must put al the files in their home directories. Alternatively
> with later 2.4 you can use bind mounts to remount the application file
> systems below the user.
>
> > Is there someone who might be able to give me some information on how I
> > could add a few lines to the VFS filesystem so that I might set some
> > type of extended attribute to prevent users from navigating out of the
> > locations.
>
> It isnt down to attributes - how you can run a binary or load a shared
> library you cant see.
>
> You might also want to see http://www.nsa.gov/selinux, but that would
> require a lot of careful policy setup
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
>

- --
Phil Sorber
AIM: PSUdaemon
IRC: irc.openprojects.net #psulug PSUdaemon
GnuPG: keyserver - pgp.mit.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE75d+9Xm6Gwek+iaQRAgnVAKCBpdA6EzpXoT/SIffK4yuPviHENgCggVq6
+6Dn7AzjrsT+S7GavhNudSI=
=eEGW
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Jeff Dike: "Re: Special Kernel Modification"
• Previous message: Rik van Riel: "Re: Special Kernel Modification"
• In reply to: Alan Cox: "Re: Special Kernel Modification"
• Next in thread: Ryan Cumming: "Re: Special Kernel Modification"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Nov 07 2001 - 21:00:24 EST