Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 23, 2013
An "enum" for Python 3
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
Show an example that falls outside of what can be done with the existing permission system, then we, (I at least), will care more.
Why we should care
Posted Aug 17, 2005 20:35 UTC (Wed) by jmshh (guest, #8257)
Posted Aug 18, 2005 3:07 UTC (Thu) by flewellyn (subscriber, #5047)
SELinux's mandatory controls override this. Something labeled as "secret", for instance, could be
set so that only certain users could read or write the file, and even the file's owner cannot change
this. This level of security in addition to traditional discretionary controls is invaluable.
Posted Aug 18, 2005 7:54 UTC (Thu) by jmshh (guest, #8257)
Posted Aug 18, 2005 11:49 UTC (Thu) by druiloor (guest, #26069)
However that might be major pain, and not al all easy to get right ...
What i found to be a good read, discussing security inc MAC, MLS, et al:
Posted Aug 18, 2005 8:00 UTC (Thu) by janfrode (subscriber, #244)
Readable by everybody:
Not readable by any processes started by users logged in via eth0:
sshd started from /etc/rc*.d/ belongs to a different domain than prosesses initiated from eth0, so sshd can read this file.
Posted Aug 20, 2005 4:27 UTC (Sat) by josh_stern (guest, #4868)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds