tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Addition to kauth(9) framework

I'd like to apply the attached patch.
It implements two things:

- chroot(2)-ed process is given new kauth_cred_t with reference count
  equal to 1.
- New id KAUTH_CRED_CHROOT is added to kauth(9) credentials scope
  which is used when chroot(2) or fchroot(2) is called.

This two things allows to implement things like securechroot(9) secmodel
described here

After commiting this patch I'll move the rest of securechroot(9)
to pkgsrc until it is ready to be integrated into the kernel.


Best regards, Aleksey Cheusov.

Home | Main Index | Thread Index | Old Index