Shuttleworth: Losing graciously
Shuttleworth: Losing graciously
Posted Feb 19, 2014 22:46 UTC (Wed) by dlang (guest, #313)In reply to: Shuttleworth: Losing graciously by fandingo
Parent article: Shuttleworth: Losing graciously
the thing is, existing LSMs know how to deal with permissions to filesystem objects. SELinux and AppArmor work on the existing cgroups interfaces today (as Cyberax has noted).
Plus there is the entire extended ACL structure thats available (but very seldom used because it's not needed)
On Linux, permissions for filesystem objects have not been limited to the unix wrx bits for a long time.