From: Joachim Blaabjerg <styx@gentoo.org>
To: gentoo-hardened@gentoo.org
Subject: Re: [gentoo-hardened] ACL implementations
Date: Sun, 23 Mar 2003 22:20:52 +0100 [thread overview]
Message-ID: <200303232220.55931.styx@gentoo.org> (raw)
In-Reply-To: <20030322T014952Z_B95E00150000@gentoo.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Saturday 22 March 2003 08:49, Joshua Brindle wrote:
> While we are pretty much set to use selinux for our MAC implementation we
> still need a lighter weight, less intrusive ACL implementation.
Indeed. Unfortunately, I haven't got enough experience with selinux to say
how intrusive and hard it is to use, so my statements here might be
invalid. After some experience with systrace, I've found it very stable and
easy to use (the stability point might be invalid, as I've only used it on
OpenBSD). Bottom line: It's a simple consept that works, and I like it.
Still, I don't think it will be very good for system wide operation through
wrappers and such. Wrappers are dirty, and shouldn't (IMO) be used or
supported in a large extent by a major Linux distribution. A nicer solution
would be to either ask someone central in systrace development (Niels or
Marius, for instance) how hard it would be to enforce systrace on a
system-wide basis natively in the kernel (and if they're willing to pursue
such an idea... there might be a valid reason why they designed it this way
in the first place).
However, as Nate demontrates, systrace works quite well when invoked through
rc scripts. IMO, it would be very nice to provide default ACLs and a
possibility to enforce systrace on daemons started through the rc scripts.
I do agree that selinux should be the main concern for developers in the
startup phase, but setting up a framework for systrace in the rc scripts
shouldn't be too demanding, and could probably be done without losing more
than a couple of days worth of selinux work. Some people (including myself)
would appreciate something lighter than selinux mostly for daemons. Light
paranoia and security awareness vs. full paranoia, kind of :)
Regards,
- --
Joachim Blaabjerg
Gentoo Linux Security Developer
GPG key @ http://cvs.gentoo.org/~styx
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+fiU3FJKdDpq6hFsRAuZSAJ0aKyN72Q4JGi1cX6+NJ3uCNABYyQCghlsu
bfz+cMlX4fc50sNW8aGBLss=
=1nDh
-----END PGP SIGNATURE-----
--
gentoo-hardened@gentoo.org mailing list
next prev parent reply other threads:[~2003-03-23 21:20 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-03-22 7:49 [gentoo-hardened] ACL implementations Joshua Brindle
2003-03-22 8:30 ` Nate Underwood
2003-03-23 17:53 ` Justin Heesemann
2003-03-23 21:47 ` [gentoo-hardened] ACL, WOLK, systrace, grsecurity Gavin Vess
2003-03-24 11:40 ` Justin Heesemann
2003-03-23 6:11 ` [gentoo-hardened] ACL implementations Gavin Vess
2003-03-23 21:20 ` Joachim Blaabjerg [this message]
-- strict thread matches above, loose matches on Subject: below --
2003-03-23 2:53 Joshua Brindle
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200303232220.55931.styx@gentoo.org \
--to=styx@gentoo.org \
--cc=gentoo-hardened@gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox