Unprivileged BPF and authoritative security hooks

Posted Apr 28, 2023 3:21 UTC (Fri) by raven667 (subscriber, #5198)
In reply to: Unprivileged BPF and authoritative security hooks by geofft
Parent article: Unprivileged BPF and authoritative security hooks

> can see the argument that Linux is a single-person OS

Sure, most Linux systems are owner-operated, but as soon as you accept a use case where this isn't true, then you end up needing all the complexity and policy for multi-user systems, so you might as well plan for that from the start.

Unprivileged BPF and authoritative security hooks

Posted Apr 29, 2023 6:36 UTC (Sat) by developer122 (guest, #152928) [Link] (1 responses)

I wonder if the entire concept of user IDs, filesystem permissions, etc could be exported into one or more LSMs.

Unprivileged BPF and authoritative security hooks

Posted May 3, 2023 10:36 UTC (Wed) by smurf (subscriber, #17840) [Link]

No reason it can't be AFAIK.