Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: fork and security context transitions
From: Stephen Smalley <sds_at_epoch.ncsc.mil>
Date: Fri, 30 Jan 2004 08:39:49 -0500
Good.
> Anyway, I soon found that the resulting code is not as easy to maintain Restructuring applications to support least privilege and isolation is a good thing.
> I was wandering if allowing to fork a child in a security context It isn't a good idea. Some prior discussions of this issue can be found at the below links: http://marc.theaimsgroup.com/?l=selinux&m=107272253121858&w=2 http://marc.theaimsgroup.com/?l=selinux&m=106910931928255&w=2 http://marc.theaimsgroup.com/?l=selinux&m=104939744006086&w=2 http://marc.theaimsgroup.com/?l=selinux&m=102587211414608&w=2 http://marc.theaimsgroup.com/?l=selinux&m=101343633303503&w=2 -- Stephen Smalley <sds@epoch.ncsc.mil> National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Fri 30 Jan 2004 - 08:40:26 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |