LWN.net Logo

Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

BSD-style securelevel comes to Linux — again

BSD-style securelevel comes to Linux — again

Posted Sep 11, 2013 22:51 UTC (Wed) by Cyberax (✭ supporter ✭, #52523)
In reply to: BSD-style securelevel comes to Linux — again by geofft
Parent article: BSD-style securelevel comes to Linux — again

Nope. USB3 controller would have its own capability, so only processes that need it would be able to get access to it.

If USB3 needs some special handling then this logic would be encapsulated in some kind of server process.

(Log in to post comments)

BSD-style securelevel comes to Linux — again

Posted Sep 11, 2013 23:01 UTC (Wed) by geofft (subscriber, #59789) [Link]

Yes, but now you took an OS where you could plug in a flashdrive and have it work, changed hardware, and now that no longer works without modifications to userspace. By making USB3 a separate capability, you've broken userspace.

(Or so goes the argument against adding a new Linux-style capability for Secure Boot.)

BSD-style securelevel comes to Linux — again

Posted Sep 11, 2013 23:13 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]

Sure, but these modifications will be confined to policies. End-user programs won't have to be modified in any way.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds