Re: Permissions Required On hosts.allow ?

To: Nick Boyce <nick@glimmer.demon.co.uk>
Cc: debian-security@lists.debian.org
Subject: Re: Permissions Required On hosts.allow ?
From: Jamie Heilman <jamie@audible.transient.net>
Date: Tue, 3 Sep 2002 17:56:45 -0700
Message-id: <[🔎] 20020904005645.GT5539@audible.transient.net>
In-reply-to: <[🔎] 9ah5nuoe4qassi07v7a5uq4gj01il2d5hp@4ax.com>
References: <umgtmu08302hvnj34uqjlh4bst44dohu8f@4ax.com> <27391.146.122.45.164.1030719189.squirrel@www.iegrec.org> <20020831011645.GJ5539@audible.transient.net> <[🔎] 9ah5nuoe4qassi07v7a5uq4gj01il2d5hp@4ax.com>

> I come to the Land Of Unix from mainframes, where I used to earn my
> crust.  The mainframes had a tight security lockdown from out of the
> box (or truck, as the case usually was of course :).

I kind of guessed as much.  Yours is not an usual desire.
 
> I'd be very interested to hear about any such options in the Linux
> world.  AFAIK, Linux ACL facilities are still experimental
> (http://packages.debian.org/testing/admin/kernel-patch-acl.html)

Most things in the realm of tighter access control are experimental,
and tend to stay that way for a long time due, probably, to the lack
of cohesion behind the various movements.  But as I mentioned before,
you'll probably want to examine subdomain from Wirex, SELinux, maybe
LIDS, RSBAC, and doubtless there are others, but I'd start with those.

-- 
Jamie Heilman                   http://audible.transient.net/~jamie/
"...thats the metaphorical equivalent of flopping your wedding tackle 
 into a lion's mouth and flicking his lovespuds with a wet towel, pure 
 insanity..."						-Rimmer

Reply to:

References:
- Re: Permissions Required On hosts.allow ?
  - From: Nick Boyce <nick@glimmer.demon.co.uk>

Prev by Date: Setting up a mail server
Next by Date: RE: Setting up a mail server
Previous by thread: Re: Permissions Required On hosts.allow ?
Next by thread: Re: Permissions Required On hosts.allow ?
Index(es):
- Date
- Thread