Tim Hollebeek wrote:
> Many things that don't need root privs run below 1024 for a similar reason:
> they are considered to be "machine wide" services, administered by root
> instead of just some user.

Back in the early days of Trusted Irix (1990?) I proposed that the policy for accessing low number ports ought to be considered a DAC policy, where ports through 1023 ought to be considered as owned by uid 0, mode 600, and all others mode 666. This has the advantage that, on a system without a Superuser, a system process can run without capabilities and still access the low ports.

No one took it seriously then, either.

--
Casey Schaufler Manager, Trust Technology, SGI
caseyat_private voice: 650.933.1634
casey_pat_private Pager: 888.220.0607
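The port policy proposed in the message above, modelled in C next to a capability-style check for contrast. This is an added example, not part of the original post and not Trusted Irix or Linux code; the function names, the mapping of "bind" to read plus write permission, and the omission of the group class are assumptions.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model of the proposal, not kernel code. */
#define PORT_R 04u
#define PORT_W 02u

struct port_attr { unsigned owner; unsigned mode; };

/* Policy from the message: ports through 1023 are owned by uid 0,
 * mode 600; all other ports are mode 666. */
static struct port_attr port_lookup(unsigned port)
{
    struct port_attr a = { 0u, port <= 1023u ? 0600u : 0666u };
    return a;
}

/* DAC check: an ordinary owner/other mode-bit test, no capability consulted.
 * Assumption: binding needs both read and write. The group class is skipped,
 * which is exact for 600 and 666 because group and other bits are equal. */
bool dac_may_bind(unsigned uid, unsigned port)
{
    struct port_attr a = port_lookup(port);
    unsigned want = PORT_R | PORT_W;
    unsigned bits = (uid == a.owner) ? (a.mode >> 6) & 07u : a.mode & 07u;
    return (bits & want) == want;
}

/* Contrast: a capability-style rule, where the low ports require a bind
 * privilege whatever the uid is. */
bool cap_may_bind(bool has_bind_cap, unsigned port)
{
    return port > 1023u || has_bind_cap;
}

int main(void)
{
    /* A uid 0 system process holding no capabilities, and an ordinary user. */
    printf("uid 0,    port 80,   DAC: %d\n", dac_may_bind(0, 80));
    printf("uid 0,    port 80,   cap: %d (no capability held)\n", cap_may_bind(false, 80));
    printf("uid 1000, port 80,   DAC: %d\n", dac_may_bind(1000, 80));
    printf("uid 1000, port 8080, DAC: %d\n", dac_may_bind(1000, 8080));
    return 0;
}
```

The first two lines of output show the advantage claimed in the message: the uid 0 process reaches port 80 through ownership alone, while the capability rule refuses the same process.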
This archive was generated by hypermail 2b30 : Wed Jul 18 2001 - 09:49:26 PDT