[linux-security] Re: You got some 'splaininn to do Lucy ;-)

[Duncan Simpson <dps io stargate co uk>]

There are several sorts of access control Linux does not have, and quite 
probbaly should *not* have. A web site I found some back documented various 
sorts of controls that could stop crackers with root doing things. Extra 
things include adding classification levels to the systmem and only allowing 
reading below and writng above (MLS), contexts which restrict what you can do 
(MAC), etc. I think the people propsoed adding MACs to linux :-)

System call auditing is only the beginning---at least some aspect of this 
would be nice, for example all the detials of attempted access violations (not 
just useful for detecting cracker probes, think fixing access problems). In 
the meantime we could think about capabilities required for doing things 
normal users are allowed to do---in particular exec, unlink, rename and open 
capabilities could protect services which do not need them. Naturally you 
could keep file descriptors and use them after dropping open capability but 
never create any more.
-- 
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."