Lower Process Capabilities

James Morris jmorris at namei.org
Wed Jul 29 13:01:52 UTC 2009


On Wed, 29 Jul 2009, Stephen Smalley wrote:

> So I think the only piece of the proposal that is orthogonal to SELinux
> is privilege bracketing within the program (dropping caps after use).  
> But the changes to the file and directory permissions seem more
> questionable.

Once we have access control on policy itself, we may be able to provide an 
API where an application can toggle a boolean on itself, e.g. to perform 
one action with broader permissions, then switch to a tighter set of 
permissions.  This might be implementable in a way which also prevents 
applications from ever gaining more permissions (via typebounds).

- James
-- 
James Morris
<jmorris at namei.org>