LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Qubes beta 1 released

Qubes beta 1 released

Posted Apr 13, 2011 23:26 UTC (Wed) by skissane (subscriber, #38675)
In reply to: Qubes beta 1 released by pboddie
Parent article: Qubes beta 1 released

I think Andy Valencia's VSTa operating system had a similar concept. Rather than a flat UID namespace (as POSIX provides), one can have a multi-level hierarchial namespace... 37.1.9...

I guess how it worked (never played with VSTa, so maybe I'm misunderstanding it) is that if I am a process of UID 37, I can fork a process with UID 37.x, e.g. 37.1. As UID 37 I have full owner access to all 37.1's objects and all 37.2's objects, but 37.1 doesn't have owner access to 37.2's objects or plain 37's objects.

So yeah, if I am user skissane, I could create 'subusers' like skissane.firefox, skissane.firefox.tab1, skissane.firefox.tab1.pdfreader...

(Log in to post comments)

Qubes beta 1 released

Posted Apr 13, 2011 23:29 UTC (Wed) by dlang (✭ supporter ✭, #313) [Link]

with namespaces, this is a concept that applies to linux as well

Qubes beta 1 released

Posted Apr 14, 2011 1:29 UTC (Thu) by skissane (subscriber, #38675) [Link]

UID namespaces in Linux are only a single-level hierarchy right? namespace.uid. My understanding was that VSTa provided a hierarchy of arbitrary depth. Also, you need special privilege to create a new namespace right? I thought the idea with VSTa, was that any process can create a sub-uid under its current uid, no special privilege required...

Qubes beta 1 released

Posted Apr 14, 2011 16:56 UTC (Thu) by elanthis (guest, #6227) [Link]

SELinux roles provide something similar, as well. Unfortunately, only if using SELinux.

I'd really, really, really like to see the core roles stuff enter the mainstream POSIX/Linux interface. Not the full domain management stuff of SELinux, but just enough to control file access and do PID checks to see which process are running in which roles (while still allowing them to belong to a specific user).

You can _almost_ emulate roles using groups, newgrp, group passwords, and so on, except that a process can drop its groups.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds