Re: [RFC] [PATCH 00/13] Introduce task_pid api

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Quoting Arjan van de Ven ([email protected]):
> On Tue, 2004-12-14 at 15:23 +0000, Pavel Machek wrote:
> > Hi!
> > 
> > > One of my wish list items would be to run my things like my
> > > web browser in a container with only access to a subset of
> > > the things I can normally access.  That way I could be less
> > > concerned about the latest browser security bug.
> > 
> > subterfugue.sf.net (using ptrace), but yes, nicer solution
> > would be welcome.
> 
> selinux too, as well as andrea's syscall filter thing and many others.
> 
> the hardest is the balance between security and usability. You don't
> want your browser to be able to read files in your home dir (Except
> maybe a few selected ones in the browsers own dir)... until you want to
> upload a file via a webform.

Yup, right now I use a separate account (not in wheel) for web browsing,
which using Janak's unshare() patch and a small pam library gets its own
namespace which can't see my dmcrypted home partition and has private
/tmp.  File sharing is done through a non-standard tmp, just to prevent
scripts from using it.

Pretty convenient, but it really wants some stronger isolation.  You'd
think I'd at least use my bsdjail to keep unix sockets and such safe...

Anyway, real containers would indeed be far more convenient, or at least
prettier.  

-serge
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux