Feature request (is this even possible?)
Posted: Mon Jun 02, 2003 1:54 pm by epoch
I've been thinking of ways of 'paranoia-ifying' my system even further than grsecurity, and have come up with an interesting idea. Would it be possible to extend grsecurity ACLs to allow user control over his/her own files? As in, have the master ACLs, and each user can control another set of ACLs on top (but not overriding) the master ACLs, to protect his/her files from malicious programs/scripts.
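The layered scheme proposed above (a master ACL set by the administrator, plus a per-user overlay that may tighten but never widen it) can be modelled as a set intersection. The following is an added illustration, not grsecurity code or anything from this thread's authors: the program path `/usr/bin/oowriter`, the object paths and the rules are constructed, and the model assumes default deny for anything the master policy does not cover.

```python
"""Two-layer ACL model: master policy plus a per-user overlay that can only restrict.

Added illustration of the idea discussed in the thread; it is not grsecurity's
implementation. Subjects (program paths), object paths and rules are constructed.
"""
from dataclasses import dataclass, field
from fnmatch import fnmatchcase


@dataclass(frozen=True)
class Rule:
    subject: str        # program the rule applies to (constructed path)
    path_glob: str      # glob covering the object paths; fnmatch '*' also crosses '/'
    perms: frozenset    # subset of {"r", "w", "x"}


@dataclass
class Policy:
    rules: list = field(default_factory=list)

    def match(self, subject, path):
        """Return the most specific (longest-glob) rule covering subject/path, or None."""
        hits = [r for r in self.rules
                if r.subject == subject and fnmatchcase(path, r.path_glob)]
        if not hits:
            return None
        return max(hits, key=lambda r: len(r.path_glob))


def effective_perms(master, overlays, user, subject, path):
    """The master policy bounds what is ever permitted; a user's overlay is intersected with it.

    Default deny when the master has no matching rule (an assumption of this model).
    An overlay rule on a path the master does not grant therefore has no effect,
    which is what keeps the overlay from overriding the master.
    """
    m = master.match(subject, path)
    perms = m.perms if m is not None else frozenset()
    overlay = overlays.get(user)
    if overlay is not None:
        o = overlay.match(subject, path)
        if o is not None:
            perms = perms & o.perms      # tighten only, never widen
    return perms


def decide(master, overlays, user, subject, path, requested):
    """True if every requested permission (e.g. "rw") survives both layers."""
    return frozenset(requested) <= effective_perms(master, overlays, user, subject, path)


# Constructed sample policies.
OOWRITER = "/usr/bin/oowriter"

MASTER = Policy([
    Rule(OOWRITER, "/home/*/docs/*", frozenset("rw")),
    Rule(OOWRITER, "/usr/lib/openoffice/*", frozenset("rx")),
])

OVERLAYS = {
    "epoch": Policy([
        # Tighten: the word processor may only read this user's documents.
        Rule(OOWRITER, "/home/epoch/docs/*", frozenset("r")),
        # Attempt to widen beyond the master policy: ignored, master grants nothing here.
        Rule(OOWRITER, "/etc/shadow", frozenset("rw")),
    ]),
}

if __name__ == "__main__":
    for user, path in [("epoch", "/home/epoch/docs/a.odt"),
                       ("epoch", "/etc/shadow"),
                       ("alice", "/home/alice/docs/b.odt")]:
        print(user, path, sorted(effective_perms(MASTER, OVERLAYS, user, OOWRITER, path)))
```

The intersection is the whole point: a user can remove "w" from what the administrator allowed for an application, but cannot add anything the master policy never granted, so the overlay stays discretionary without weakening the mandatory layer.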
Posted: Mon Jun 02, 2003 11:40 pm by spender
It's possible. I won't be doing that though, as it's not MAC, but DAC (the user controls access to his files). Though somewhat along those lines, grsecurity 2.0 supports user/group/special roles that either do or don't require authentication. If the user wants to restrict his own files, the proper thing to do would be to have the administrator create additional users for the applications they want separated. With regular UNIX permissions this can be administered.
-Brad
Slight problem with that
Posted: Tue Jun 03, 2003 8:50 am by epoch
I've thought of that, but there's a slight problem that made me think of this solution. If the admin puts those apps in a separate group, that group must have (at least) read access to everyone's home directory, and write access to files or subdirectories. Any vulnerability (even if it can just open files) in the app can then be exploited (even if it's not a real vulnerability, but an app like openoffice, which can open and save files) to write to other users directories.
That aside, I guess I should start searching for other patches that do DACs