On Dec 30, 2014 12:16 PM, "Michael Shell" <[email protected]> wrote:
> Something like system-wide enforced application individualized sandboxing
> is what I have in mind - each application should have an associated set
> of permissions (installed as a text file in something like
> /etc/perms/theapp) that sets limits on just what it is allowed to do -
> that are passed on to any other applications that may be started by it.
> And perhaps the rules could be defined in ways such that only half a dozen
> or so predefined rule sets are needed for 99%+ of the applications so as
> to make administration easy.
I don't want to take things too far off topic, but this is something I've thought about a bit.

First, Android has successfully implemented something a lot like what you've described. Internally, different apps run as different Linux users with different permissions.

Second, I have been kicking around an idea for a Linux distribution built around this very idea. (Unfortunately, I have too many existing projects to actually try it.) Basically, every package would have a set of SELinux rules. There would be a set of default rules described by the package, and a UI that lets the admin review and possibly modify those rules, again at a per-package level.

I actually wanted to take the concept a step further, and make it possible to install and use packages even if you don't trust the package author. (Again, Android already does this.) For most existing package management systems, this is a non-starter because all the install scripts run as root. However, I think that the Nix package manager could be extended to support this. All Nix install/uninstall scripts are written in a DSL that describes a set of transformations to the system. I believe that the interpreter could be extended to support this sort of thing, either by adding some sandboxing functionality, or by analyzing the script up front and providing the admin a list of changes that will be performed.

Again, I have no time and energy to undertake this myself, but if anyone else wants to take the initiative, I might pitch in here and there.

William Tracy
Sent from mobile, may contain typos.
--
http://lists.linuxfromscratch.org/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
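The per-application permission files and the "passed on to any other applications that may be started by it" rule from the quoted message, together with the small number of shared predefined rule sets, can be modelled in a few dozen lines. The following is an added example written for this page, not code from the thread, from BLFS, Android, SELinux or Nix. The profile file format (`use-set`, `allow`, `deny` directives), the rule-set names, the permission names and the sample application profiles are all constructed for the example; real files under /etc/perms/ would need an enforcement layer (SELinux, seccomp, namespaces) behind them, which this model deliberately leaves out so that only the policy logic is shown.

```python
"""Toy model of per-application permission profiles with inheritance.

Each application has a profile (standing in for /etc/perms/<app>) built
from a handful of predefined rule sets plus per-app adjustments.  A
process launched by another process gets at most the launcher's
permissions: effective permissions are the intersection along the
launch chain, so a child can never gain rights its parent lacked.
"""
from typing import Dict, FrozenSet, Iterable

# Predefined rule sets: the "half a dozen or so" shared profiles the
# message suggests most applications could use.  Names are constructed.
RULE_SETS: Dict[str, FrozenSet[str]] = {
    "minimal": frozenset({"fs:read-home"}),
    "desktop": frozenset({"fs:read-home", "fs:write-home", "display:x11"}),
    "network-client": frozenset({"fs:read-home", "net:connect"}),
}

# Constructed stand-ins for the contents of /etc/perms/<app>.
# Hypothetical format: one directive per line, '#' starts a comment.
#   use-set NAME   include a predefined rule set
#   allow PERM     grant one extra permission
#   deny PERM      remove one permission (applied after all grants)
PROFILE_FILES: Dict[str, str] = {
    "terminal": "use-set desktop\nuse-set network-client\n",
    "editor": "use-set desktop\n# no network needed\ndeny net:connect\n",
    "pager": "use-set minimal\n",
    "updater": "use-set network-client\nallow fs:write-system\n",
}


def parse_profile(text: str) -> FrozenSet[str]:
    """Parse one profile file into its set of granted permissions."""
    granted: set = set()
    denied: set = set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # strip comments and blanks
        if not line:
            continue
        parts = line.split()
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected '<directive> <arg>', got {raw!r}")
        directive, arg = parts
        if directive == "use-set":
            if arg not in RULE_SETS:
                raise ValueError(f"line {lineno}: unknown rule set {arg!r}")
            granted |= RULE_SETS[arg]
        elif directive == "allow":
            granted.add(arg)
        elif directive == "deny":
            denied.add(arg)
        else:
            raise ValueError(f"line {lineno}: unknown directive {directive!r}")
    # Denials win over grants regardless of line order.
    return frozenset(granted - denied)


def load_profile(app: str) -> FrozenSet[str]:
    """Default-deny: an application without a profile gets nothing."""
    return parse_profile(PROFILE_FILES.get(app, ""))


def effective_permissions(chain: Iterable[str]) -> FrozenSet[str]:
    """Permissions of the last process in a launch chain.

    chain lists applications from the outermost launcher to the process
    being checked, e.g. ["terminal", "editor"].  Each hop intersects the
    child's own profile with what the parent actually had.
    """
    perms = None
    for app in chain:
        own = load_profile(app)
        perms = own if perms is None else perms & own
    return frozenset() if perms is None else perms


def is_allowed(chain: Iterable[str], perm: str) -> bool:
    """True if the process at the end of the launch chain holds perm."""
    return perm in effective_permissions(chain)


if __name__ == "__main__":
    for chain in (["terminal"], ["terminal", "updater"], ["pager", "editor"]):
        print(" -> ".join(chain), sorted(effective_permissions(chain)))
```

The intersection rule is the security-relevant part: the `updater` profile grants `fs:write-system`, but when it is launched from `terminal`, which never had that right, the effective set drops it, matching the quoted message's requirement that limits are "passed on to any other applications that may be started by it". An admin review UI of the kind William Tracy describes would operate on the output of `parse_profile` before the profile is installed.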
