Re: RFC: Network privilege separation.

From: Andi Kleen
Date: Mon Jan 12 2009 - 14:29:25 EST


> Yes, the network access part *is* something that should be part of a more
> general interface. Having said that, we currently are lacking a way for a
> *general user* program to say "I'm all set up, and would like to disavow any
> other further resource access (except maybe r/o access as "other" to file
> systems)".

seccomp does exactly that. It's quite obscure, but available in most
Linux kernels. Basically it blocks everything except
read/write on already open file descriptors.

I always thought it would be nice if codecs (which tend
to be full of security holes) ran in such jails by default.

-Andi


--
ak@xxxxxxxxxxxxxxx -- Speaking for myself only.
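
As an added illustration of the seccomp strict mode described in the message above (not code from the post or the kernel tree), this C program runs a stand-in decoder in a child process that enters the jail only after its pipes are open. `toy_decode`, `run_jailed` and `JAIL_UNAVAILABLE` are hypothetical names, and the input passed in is constructed.

```c
#include <fcntl.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#define JAIL_UNAVAILABLE (-1) /* setup failed or the kernel refused strict mode */

/* Hypothetical stand-in for an untrusted codec: upper-cases in_fd to out_fd. */
static void toy_decode(int in_fd, int out_fd, int misbehave)
{
    char buf[256];
    ssize_t n;
    while ((n = read(in_fd, buf, sizeof buf)) > 0) {
        for (ssize_t i = 0; i < n; i++)
            if (buf[i] >= 'a' && buf[i] <= 'z') buf[i] -= 32;
        if (write(out_fd, buf, (size_t)n) != n) break;
    }
    if (misbehave)
        (void)open("/etc/hostname", O_RDONLY); /* not read/write: kernel sends SIGKILL */
    syscall(SYS_exit, 0); /* raw exit(2); glibc _exit() uses exit_group, which is killed */
}

/* Returns 0 on clean exit, the fatal signal number if killed, or JAIL_UNAVAILABLE. */
int run_jailed(const char *input, char *out, size_t outsz, int misbehave)
{
    int in[2], res[2], status;
    size_t len = 0;
    ssize_t n;
    if (pipe(in) || pipe(res)) return JAIL_UNAVAILABLE;
    pid_t pid = fork();
    if (pid < 0) return JAIL_UNAVAILABLE;
    if (pid == 0) {
        close(in[1]); close(res[0]); /* all setup happens before entering the jail */
        if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) != 0) _exit(2);
        toy_decode(in[0], res[1], misbehave);
    }
    close(in[0]); close(res[1]);
    if (write(in[1], input, strlen(input)) < 0) { /* child then just sees EOF */ }
    close(in[1]); /* EOF lets the child finish its read loop */
    while (len + 1 < outsz && (n = read(res[0], out + len, outsz - 1 - len)) > 0)
        len += (size_t)n;
    out[len] = '\0';
    close(res[0]); waitpid(pid, &status, 0);
    if (WIFSIGNALED(status)) return WTERMSIG(status);
    return WEXITSTATUS(status) == 0 ? 0 : JAIL_UNAVAILABLE;
}
```

With `misbehave` set, `run_jailed` returns `SIGKILL`, and the output written before the violation is still readable from the pipe. Where a seccomp filter is already active on the process (as in many container runtimes), the `prctl` call fails and the function returns `JAIL_UNAVAILABLE`.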