RFC: New security model secmodel_securechroot(9)

2011-07-09 Thread Aleksey Cheusov
Hello. I've implemented a new security model based on the kauth(9) framework, secmodel_securechroot(9). Its purpose is to completely isolate chrooted processes from the host system, that is, to prevent all destructive changes by chrooted processes even if they are run under root privileges and to

Re: RFC: New security model secmodel_securechroot(9)

2011-07-09 Thread Alan Barrett
On Sat, 09 Jul 2011, Aleksey Cheusov wrote: · Adding and enabling a ppp(4) interface is not allowed. · Adding and enabling a sl(4) interface is not allowed. · Adding and enabling a strip(4) interface is not allowed. · Adding and enabling a tun(4) interface is not

Re: RFC: New security model secmodel_securechroot(9)

2011-07-09 Thread Aleksey Cheusov
· Adding and enabling a ppp(4) interface is not allowed. · Adding and enabling a sl(4) interface is not allowed. · Adding and enabling a strip(4) interface is not allowed. · Adding and enabling a tun(4) interface is not allowed. · Adding and enabling

Re: RFC: New security model secmodel_securechroot(9)

2011-07-09 Thread Joerg Sonnenberger
On Sat, Jul 09, 2011 at 12:03:50PM +0300, Aleksey Cheusov wrote: DESCRIPTION The securechroot security model is intended to protect the system against destructive modifications by chroot-ed processes. If enabled, secmodel_securechroot applies the following restrictions to

Re: RFC: New security model secmodel_securechroot(9)

2011-07-09 Thread Iain Hibbert
On Sat, 9 Jul 2011, Alan Barrett wrote: On Sat, 09 Jul 2011, Aleksey Cheusov wrote: · Adding and enabling a ppp(4) interface is not allowed. · Adding and enabling a sl(4) interface is not allowed. · Adding and enabling a strip(4) interface is not allowed. ·

re: RFC: New security model secmodel_securechroot(9)

2011-07-09 Thread matthew green
· Setting the process resource limits is not allowed. Lowering should still be possible. i'm not sure the point of this one, really. if this configuration is desired, then set rlimit max == cur to whatever you want before starting the chroot. ie, this can be done already with

Re: RFC: New security model secmodel_securechroot(9)

2011-07-09 Thread John Nemeth
On Nov 29, 7:06am, Joerg Sonnenberger wrote: } On Sat, Jul 09, 2011 at 12:03:50PM +0300, Aleksey Cheusov wrote: } DESCRIPTION } The securechroot security model is intended to protect the system } against destructive modifications by chroot-ed processes. If } enabled,

Re: RFC: New security model secmodel_securechroot(9)

2011-07-09 Thread Thor Lancelot Simon
On Sat, Jul 09, 2011 at 12:03:50PM +0300, Aleksey Cheusov wrote: Hello. I've implemented a new security model based on the kauth(9) framework, secmodel_securechroot(9). Its purpose is to completely isolate chrooted processes from the host system, that is, to prevent all destructive changes by