
Capabilities



Hi!

I have recently made a restricted-capability system, using
medusa DS9. It has some properties of a TCSEC B3 level system,
and IT WORKS!

There were some little problems though, one is Bug#60303:
The start-stop script of postgresql assumed DAC_SEARCH capability.

Oliver has added the needed changes to his package, and asked
me to raise the capability issue here.

Main point:
	Let's define some mechanism which helps the builders of
	trusted systems to
		-identify which capabilities the packages need
		and exactly where and for which functionality
		those capabilities are needed
		-minimize the number of needed capabilities

The first point could be achieved by some documentation methods,
for example if a package has /usr/share/doc/<package>/security,
then the file should list which binary needs which capability and
why.
The second point is more difficult: we can say in debian policy that
our goal is to minimize the needed capabilities, and if there is
an easy way to make a capability unneeded, the maintainer should
act accordingly.

Documentation:
About capabilities:
http://lwn.net/1999/0422/a/capabilities.html
http://linux.com/security/newsitem.phtml?sid=11&aid=4693
About medusa:
http://medusa.fornax.sk

-- 
GNU GPL: only from a clean source
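An added illustration of the two points raised in the message (identify which capabilities a process actually holds, then check them against what the package documents as needed). This is editor-supplied example code, not part of the original message, of medusa DS9 or of any Debian package. It decodes the CapEff/CapPrm hex masks that Linux exposes in /proc/<pid>/status using the CAP_* bit numbers from linux/capability.h, and it assumes a hypothetical line format for the proposed /usr/share/doc/<package>/security file ("binary capability reason" per line); both sample inputs are constructed.

```python
"""Decode Linux capability masks (as shown in /proc/<pid>/status) and compare
what a process holds against what its package's security file documents.
Editor-added example; the security-file format below is an assumption."""

# Capability bit numbers as defined in linux/capability.h (CAP_* values, bit 0 first).
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE", "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP",
    "CAP_MAC_OVERRIDE", "CAP_MAC_ADMIN", "CAP_SYSLOG", "CAP_WAKE_ALARM",
    "CAP_BLOCK_SUSPEND", "CAP_AUDIT_READ", "CAP_PERFMON", "CAP_BPF",
    "CAP_CHECKPOINT_RESTORE",
]


def decode_mask(hex_mask: str) -> list[str]:
    """Turn a CapEff/CapPrm-style hex mask into capability names, lowest bit first.
    Bits beyond the known table are reported as CAP_<n> so nothing is silently dropped."""
    value = int(hex_mask, 16)
    names = []
    bit = 0
    while value >> bit:
        if (value >> bit) & 1:
            names.append(CAP_NAMES[bit] if bit < len(CAP_NAMES) else f"CAP_{bit}")
        bit += 1
    return names


def parse_status(text: str) -> dict[str, list[str]]:
    """Extract and decode every Cap* line from /proc/<pid>/status text."""
    result = {}
    for line in text.splitlines():
        if line.startswith("Cap"):
            key, _, mask = line.partition(":")
            result[key] = decode_mask(mask.strip())
    return result


def documented_caps(doc_text: str) -> list[str]:
    """Capabilities listed in the (assumed) 'binary capability reason' security file."""
    return sorted({line.split()[1] for line in doc_text.splitlines() if line.strip()})


def excess_capabilities(held: list[str], documented: list[str]) -> list[str]:
    """Capabilities held by the process but not justified in the package documentation."""
    return sorted(set(held) - set(documented))


def audit(status_text: str, doc_text: str) -> list[str]:
    """Report effective capabilities the package never documented a need for."""
    return excess_capabilities(parse_status(status_text)["CapEff"], documented_caps(doc_text))


# Constructed sample: a daemon started from a root init script that kept more than it needs.
# 0x46 = bits 1, 2 and 6 = CAP_DAC_OVERRIDE, CAP_DAC_READ_SEARCH, CAP_SETGID.
SAMPLE_STATUS = """\
Name:\tpostgres
CapInh:\t0000000000000000
CapPrm:\t0000000000000046
CapEff:\t0000000000000046
"""

# Constructed sample of the proposed /usr/share/doc/<package>/security file (assumed format).
SAMPLE_SECURITY_DOC = """\
/etc/init.d/postgresql CAP_DAC_READ_SEARCH traverse the cluster directory as the postgres user
"""

if __name__ == "__main__":
    print(parse_status(SAMPLE_STATUS))
    print("undocumented:", audit(SAMPLE_STATUS, SAMPLE_SECURITY_DOC))
```

On a live system the same parse_status() can be fed the contents of /proc/<pid>/status for each daemon a package starts; anything audit() reports is either a missing line in the security file or a capability the maintainer can drop, which is exactly the minimization step the message asks for.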