[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: RFC: New security model secmodel_securechroot(9)
On Nov 29, 7:06am, Joerg Sonnenberger wrote:
} On Sat, Jul 09, 2011 at 12:03:50PM +0300, Aleksey Cheusov wrote:
} > DESCRIPTION
} > The securechroot security model is intended to protect the system
} > against destructive modifications by chroot-ed processes. If
} > enabled, secmodel_securechroot applies the following restrictions
} > to chroot-ed processes.
} > · Module requests are not allowed.
} Does this include automatic loading of modules as side effect of actions
} or not?
This should be fine. When autoloading, it will only use the
system path and doesn't follow chroot.
} > · Firewall-related operations such as modification of packet
} > filtering rules or modification of NAT rules are not allowed.
} Table manipulation is a valid use case of a chroot, especially a
} restricted chroot. Consider FTP proxies as example.
Manipulating global state is a pretty major exception considering
the rest of the stuff here. If you want that, then don't use this
}-- End of excerpt from Joerg Sonnenberger
Main Index |
Thread Index |