On Thursday, May 14, stanislav shalunov wrote:
> It might be useful to have some sort of securemask on per process
> basis (with a special system call that can _set_ some bits of
> it--there should be no way of clearing a bit, and it should be
> inherited by children).
> Possible applications that I am seeing:
> * Forbid (and log) all attempts to *fork();
> * Forbid (and log) all attempts to exec*();
> * Forbid (and log) all attempts to setsockopt(), connect(), and sendto();
> * Forbid (and log) all attempts to setsockopt(), accept(), and recvfrom();
> * Change open() semantics so that open does not follow symbolic links;
> * Change open() semantics so that files can be opened only for
> (a) reading; (b) appending; (c) with O_EXCL|O_TRUNC flags.
It would be nice to see this implemented. I'm not sure, but there is a "class"
field in master.passwd, which could be used to point to a database of sorts,
which could be used by login, xdm, etc. for initializing this per-process field.
Of course, then some substantial changes to the kernel...
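
A user-space model of the semantics proposed in the quoted message (set-only bits, inheritance by children, restricted open()), added here as an illustration and not code from either poster or from any kernel. All identifiers (SM_*, proc_model, securemask_set, model_fork, model_open_allowed) are hypothetical, and the reading of the open() rule is an assumption stated in the comments.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bit names: the post lists the restrictions, not identifiers. */
enum {
    SM_NOFORK     = 1 << 0, /* forbid *fork() */
    SM_OPEN_LIMIT = 1 << 1  /* open() only for read, append, O_EXCL|O_TRUNC */
};

struct proc_model { uint32_t securemask; };

/* The only mutator ORs bits in, so no caller can clear one. */
uint32_t securemask_set(struct proc_model *p, uint32_t bits)
{
    p->securemask |= bits;
    return p->securemask;
}

/* The child inherits the parent's mask; -1 when fork itself is forbidden. */
int model_fork(const struct proc_model *parent, struct proc_model *child)
{
    if (parent->securemask & SM_NOFORK)
        return -1; /* the proposal would also log the attempt */
    child->securemask = parent->securemask;
    return 0;
}

/* 1 if these open(2) flags pass the restricted-open rule, else 0. Assumed reading:
 * (a) O_RDONLY, no O_TRUNC; (b) O_APPEND, no O_TRUNC; (c) O_EXCL and O_TRUNC both set. */
int model_open_allowed(const struct proc_model *p, int flags)
{
    if (!(p->securemask & SM_OPEN_LIMIT))
        return 1;
    if ((flags & (O_EXCL | O_TRUNC)) == (O_EXCL | O_TRUNC))
        return 1;
    if (flags & O_TRUNC)
        return 0;
    return (flags & O_ACCMODE) == O_RDONLY || (flags & O_APPEND) != 0;
}

int main(void)
{
    struct proc_model p = {0}, c = {0};
    securemask_set(&p, SM_OPEN_LIMIT);
    model_fork(&p, &c);
    printf("child mask=%#x O_WRONLY allowed=%d\n", (unsigned)c.securemask, model_open_allowed(&c, O_WRONLY));
    return 0;
}
```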