Not logged in
Log in now
Create an account
Subscribe to LWN
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
PostgreSQL 9.3 beta: Federated databases and more
LWN.net Weekly Edition for May 9, 2013
It was supported in AppArmor for _ages_.
Walsh: Introducing the SELinux Sandbox
Posted May 27, 2009 18:24 UTC (Wed) by talex (subscriber, #19139)
I've got apparmor-utils 2.3+1289-0ubuntu14 but it doesn't seem to be there.
But the really important thing is to have a suitable sandbox policy installed by default so that applications can use it automatically, without having to get root access first to install the policy. This would probably remove the need for plash to be setuid root too.
One of the things I'd like to use it for would be sandboxing archive extraction. In Zero Install, we unpack downloaded archives and then check the contents against a digest, so it would be really useful to sandbox the extraction process to guard against malicious packages trying to exploit flaws in tar, etc.
Posted May 28, 2009 0:11 UTC (Thu) by jamesmrh (guest, #31622)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds