On Mon, 17 Dec 2007 16:05:31 +0300 Al Boldi <[email protected]> wrote:

> Indan Zupancic wrote:
> > On Mon, December 17, 2007 01:40, Tetsuo Handa wrote:
> > I think you can better spend your time on read-only bind mounts.
>
> That would be too coarse.
>

Actually, who needs to create device nodes? Just prohibit everyone from creating them, except "installer" and "udev" personality. This means removing CAP_MKNOD on a global scale. (OTOH, both don't need CAP_SYS_ADMIN. Maybe udev needs CAP_SYS_MODULE...)

Now, stopping people from faking hotplug events is totally another story. Is that currently possible?
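Added example, not part of the message above or of the patch under discussion: before removing CAP_MKNOD system-wide, an administrator can list which running processes still hold it. The sketch assumes the `CapEff:` hexadecimal mask line that Linux exposes in `/proc/<pid>/status`; the helper name `mask_has_mknod` is hypothetical.

```c
#include <ctype.h>
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CAP_MKNOD_BIT 27 /* value of CAP_MKNOD in <linux/capability.h> */

/* Look up a capability mask line ("CapEff", "CapBnd", ...) in the text of
 * /proc/<pid>/status. Returns 1 if CAP_MKNOD is set, 0 if clear, -1 if the
 * field is absent. */
int mask_has_mknod(const char *status, const char *field)
{
    size_t n = strlen(field);
    const char *p = status;
    while (p && *p) {
        if (strncmp(p, field, n) == 0 && p[n] == ':') {
            unsigned long long mask = strtoull(p + n + 1, NULL, 16);
            return (int)((mask >> CAP_MKNOD_BIT) & 1ULL);
        }
        p = strchr(p, '\n'); /* advance to the next line, if any */
        if (p) p++;
    }
    return -1;
}

/* List every process whose effective set still contains CAP_MKNOD. */
int main(void)
{
    DIR *proc = opendir("/proc");
    struct dirent *de;
    char path[288], buf[8192];
    if (!proc) return 1;
    while ((de = readdir(proc)) != NULL) {
        if (!isdigit((unsigned char)de->d_name[0]))
            continue; /* not a PID directory */
        snprintf(path, sizeof(path), "/proc/%s/status", de->d_name);
        FILE *f = fopen(path, "r");
        if (!f) continue; /* process exited or access denied */
        size_t len = fread(buf, 1, sizeof(buf) - 1, f);
        fclose(f);
        buf[len] = '\0';
        if (mask_has_mknod(buf, "CapEff") == 1) /* print PID and Name line */
            printf("%s\t%.*s\n", de->d_name, (int)strcspn(buf, "\n"), buf);
    }
    closedir(proc);
    return 0;
}
```

Anything listed other than the installer and udev is a process that would lose the ability to create device nodes under the proposal.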