Posted Jan 13, 2010 5:54 UTC (Wed) by Kissaki (subscriber, #61848)
Parent article: Restricting the network
First, let me say that as a sysadmin, I think being able to restrict less trusted software's access to the network (and/or setuid programs) would be a great boon.
But (and this is a very big but), we need provable security. What we have with this feature, chroot, setuid, virtualization, etc. is the computing equivalent of security theatre. Don't get me wrong, it is pretty good security theatre... these changes set "bad guys" back months, maybe years, until someone learns how to escape the most recent jail or virtual machine.
We need more people to learn about and push for true capability systems that fundamentally tie permission to manipulate an object with the object itself. The projects I was cheering for (most recently CoyotOS) have fallen by the wayside, while we all suffer from the security flaws of ACL systems.
As a side benefit, capability systems would tend to reduce the 'unintended consequences' issue.