
Plash 1.14 released

From:  Mark Seaborn <mseaborn-AT-onetel.com>
To:  lwn-AT-lwn.net
Subject:  Announce: Plash 1.14, tools for running programs with minimum authority
Date:  Thu, 10 Nov 2005 23:13:03 +0000 (GMT)

Hi,

Your readers might be interested in the newly-released version of
Plash:

http://plash.beasts.org
(Debian packages and RPMs available for i386 Linux.)

Plash is a secure, restricted execution environment for running Linux
programs with the minimum necessary privileges.  It is similar to
using chroot jails, but is more lightweight and flexible.  You can use
Plash to grant a process read-only or read-write access to specific
files and directories, which can be mapped at any point in its private
filesystem namespace.

Plash's purpose is to protect you from the programs you run,
whether they are malicious, are vulnerable to compromise from external
attacks, or just behave unexpectedly.

Plash provides two interfaces for launching programs:
 * pola-run, a command line tool;
 * a Bash-like shell for interactive use.

New in this version are "file powerboxes".  Powerboxes are a design
pattern for dynamically granting authority to a GUI program.  A file
powerbox works just like a file open/save dialog box, except that it
also grants authority to access a file.  Currently, the powerbox has
been integrated with XEmacs only.  This lets you run XEmacs without
having to give it access to all of your files.  For example, it is
possible to edit root-owned files without running XEmacs as root.

How it works:  The Plash execution environment doesn't require a
modified Linux kernel -- it uses chroot() and UIDs.  It works with
existing Linux executables, provided they are dynamically linked --
Plash uses a modified version of GNU libc.  Plash virtualizes the
filesystem: a server process implements calls such as open() by
sending a process a file descriptor across a socket.

Mark
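
The mechanism described under "How it works" (a server opens the file and hands the descriptor to the client over a socket), as an added example that is not Plash's code and not part of the original message. The function names, the one-byte status reply and the prefix-based grant check are assumptions made for illustration.

```c
/* Added example: descriptor passing over a Unix socket (SCM_RIGHTS). Not Plash code. */
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

/* Server side: send status 'Y' plus the descriptor, or 'N' alone when fd < 0. */
int send_fd(int sock, int fd) {
    char status = fd >= 0 ? 'Y' : 'N';
    struct iovec iov = { &status, 1 };
    union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } u;
    struct msghdr msg = { 0 };
    msg.msg_iov = &iov; msg.msg_iovlen = 1;
    if (fd >= 0) {
        memset(&u, 0, sizeof u);
        msg.msg_control = u.buf; msg.msg_controllen = sizeof u.buf;
        struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
        c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
        c->cmsg_len = CMSG_LEN(sizeof(int));
        memcpy(CMSG_DATA(c), &fd, sizeof(int));
    }
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Client side: returns the received descriptor, or -1 if the request was denied. */
int recv_fd(int sock) {
    char status = 0;
    struct iovec iov = { &status, 1 };
    union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } u;
    struct msghdr msg = { 0 };
    msg.msg_iov = &iov; msg.msg_iovlen = 1;
    msg.msg_control = u.buf; msg.msg_controllen = sizeof u.buf;
    if (recvmsg(sock, &msg, 0) != 1 || status != 'Y') return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) return -1;
    int fd;
    memcpy(&fd, CMSG_DATA(c), sizeof(int));
    return fd;
}

/* Hypothetical grant check: string prefix only, no "..", opened read-only. */
int serve_open(int sock, const char *granted, const char *path) {
    int ok = strncmp(path, granted, strlen(granted)) == 0 && !strstr(path, "..");
    int fd = ok ? open(path, O_RDONLY) : -1;
    int rc = send_fd(sock, fd);
    if (fd >= 0) close(fd);   /* the client now holds its own copy */
    return rc;
}
```

The client never calls open() on the path itself, so it can sit in an empty chroot and still read exactly the files the server chose to hand over.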



Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds