| To: | Pekka Savola <pekkas@xxxxxxxxxx> |
|---|---|
| Subject: | Re: disablenetwork() syscall? |
| From: | James Morris <jmorris@xxxxxxxxxxxxxxxx> |
| Date: | Tue, 8 Jul 2003 09:59:32 +1000 (EST) |
| Cc: | netdev@xxxxxxxxxxx |
| In-reply-to: | <Pine.LNX.4.44.0307072237560.11843-100000@netcore.fi> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Mon, 7 Jul 2003, Pekka Savola wrote: > Hi, > > In a bugtraq thread, DJ Bernstein brought up an idea which I'm not sure > has been brought up in the past. Such a feature already exists in SELinux. > I'm not sure whether it's feasible or > not, but at least it (and other methods to limit the functions of a > user-level code) might bear consideration. This is precisely what LSM is for, so new security models can be implemented without any direct effect on the core kernel. - James -- James Morris <jmorris@xxxxxxxxxxxxxxxx> |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: question about linux tcp request queue handling, Andi Kleen |
|---|---|
| Next by Date: | Re: question about linux tcp request queue handling, Doug McNaught |
| Previous by Thread: | Re: disablenetwork() syscall?, Mitchell Blank Jr |
| Next by Thread: | Re: disablenetwork() syscall?, Pekka Savola |
| Indexes: | [Date] [Thread] [Top] [All Lists] |