On Fri, Sep 03, 2004 at 09:54:23PM +0200, Kristian Sørensen wrote:Well nothing :-) The point was, that links and mount bindings are handled, and if the parent is restricted from accessing a file, the child is too.
We are working on a project called Umbrella, (umbrella.sf.net) which implements processbased mandatory accesscontrol in the Linux kernel. This access control is controlled by "restriction", e.g. by restricting some process from accessing any given file or directory.
E.g. if a root owned process is restricted from accessing /var/www, and the process is compromised by an attacker, no mater what he does, he would not be able to access this directory.
mount --bind /var/www /home/joe/p0rn/, and then?
Actually this "attack" is avoided, because restrictions are enherited, from parent proces to its children.
If you restrict your process on the path /var/ww/ but the same objects
are also available below a different path, what does that have to do with
child processes?