[Gllug] Restricting Process Visibility
- Tethys
tethys at gmail.com
Wed May 17 15:30:51 UTC 2006
On 5/17/06, Steve Nelson <sanelson at gmail.com> wrote:
> > ps. On a more constructive note, SELinux sprung to mind.
> > But I guess that only grants you or denys you the right to look
> > at things in /proc
>
> Which would be a big step forward... but rhel 3 / 2.4 kernel doesn't
> have selinux :(
Yeah, I thought about SELinux initially, and also systrace, which is
probably a better option. But I don't think either of them allow
conditional policy decisions in that way, which is what would be
needed here. What you want is the ability to say:
- a request has been made to open() a file in /proc [1]
- permit the syscall to continue if:
- the file is owned by the current user
- the file is under /proc/foo, where foo is numeric
Systrace can conditionally permit/deny the syscall based on substring
matching in the arguments, but we need more than that in this
situation.
Tet
[1] ...and also getdents()/readdir() etc.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list