[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Addition to kauth(9) framework
> I'd like to apply the attached patch.
> It implements two things:
> - chroot(2)-ed process is given new kauth_cred_t with reference count
> equal to 1.
can you find a way to avoid this?
> - New id KAUTH_CRED_CHROOT is added to kauth(9) credentials scope
> which is used when chroot(2) or fchroot(2) is called.
> This two things allows to implement things like securechroot(9) secmodel
> described here
> After commiting this patch I'll move the rest of securechroot(9)
> to pkgsrc until it is ready to be integrated into the kernel.
> Best regards, Aleksey Cheusov.
Main Index |
Thread Index |