Subject: Re: simple tpe implementation
To: Elad Efrat <elad@NetBSD.org>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: tech-security
Date: 02/02/2007 08:04:16
On Fri, 02 Feb 2007 00:41:00 +0200
Elad Efrat <elad@NetBSD.org> wrote:

> hi,
> 
> attached is a very simple patch that adds a "security.tpe" sysctl node
> to control a tpe (or, trusted path execution) feature.
> 
> what it does: prevent execution of any program that does not live in a
> directory that is owned by root and writable by neither group nor
> other.
> 
> why would you need it: quick knob you can enable to prevent any users
> from running their own stuff. kinda useful if there's a new 0-day out
> or you're in the middle of patching your system or whatever.
> 
> caveats: it doesn't use kauth yet. if it could it would, so let's not
> get into that now. it also doesn't address interpreters (i.e., someone
> starting python and feeding it stuff) yet. we will do that -- we have
> the mechanism in place, but I'm holding it back for now.
> 
>
Interesting, though I need to think about it a bit.  (Thinking is
definitely advised; I just realized that one objection I had wasn't
valid...)
		--Steve Bellovin, http://www.cs.columbia.edu/~smb