Lower Process Capabilities
James Morris
jmorris at namei.org
Wed Jul 29 13:01:52 UTC 2009
On Wed, 29 Jul 2009, Stephen Smalley wrote:
> So I think the only piece of the proposal that is orthogonal to SELinux
> is privilege bracketing within the program (dropping caps after use).
> But the changes to the file and directory permissions seem more
> questionable.
Once we have access control on policy itself, we may be able to provide an
API where an application can toggle a boolean on itself, e.g. to perform
one action with broader permissions, then switch to a tighter set of
permissions. This might be implementable in a way which also prevents
applications from ever gaining more permissions (via typebounds).
- James
--
James Morris
<jmorris at namei.org>