Casper.Dik at Sun.COM wrote: > -- OPENSOLARIS PROJECT PROPOSAL -- > > Project Name: Fine Grained Access Policy (FGAP) > > Project Synopsis: Enabling finer grained access control in OpenSolaris > > Project Purpose: > > The current Solaris privilege model does not allow one > to express policy requirements such as "only allow > binding to port 80/tcp", "only allow read access to > file <<foo>>" or "only allow write access under $HOME/.mozilla" > for a particular process or set of processes. > > FGAP augments the current privilege model by allowing additional, > otherwise privileged operations, in a restricted manner as specified in > a configurable policy. It is therefore compatible with current Solaris > as applications which assert specific privileges will continue to > work. > > It should be possible to leverage the resulting policy > exception mechanism through SMF by specifying the policy > in a service's XML file but also as a mechanism > to "sandbox" applications running under user accounts > by first removing ``basic'' privileges and then granting > them on a case by case basis. To this end, the set > of basic privileges may need to grow to include binding > to any network port, modifying any filesystem object, etc. > > As part of this project, we will also take a closer look at > the implementation of profile shell in order to address > some of their deficiencies: > > - the requirement to add profile shell support code > to every shell > - the inability to run internal commands as profiled > commands or to add additional privileges to file > redirects in profile shells. > > The intent is to be able to express the "profileness" of > a process using a process attribute, rather than having the > shell do all the work. > > We also propose to start a project specific list sooner > rather than later (fgap-discuss) > > Proposed Sponsors: Security > > Initial set of proposed project leads: > > Casper Dik [point of contact] > Glenn Faden > > Additional Participants: > > Christoph Schuba > > > Other interested participants: please speak up, or join the project > list once we have it running. Contributions of both code and review >
+1 to the huge approval list... Sign me up for review and feedback. g
