Date: Thu, 10 Mar 2016 07:04:32 -0500 From: Mark Saad <nonesuch@longcount.org> To: pavan teja <bharghav2947@gmail.com> Cc: freebsd-hackers@freebsd.org Subject: Re: Converting DAC or policy Rules into Capsicum capabilities Message-ID: <5F38D237-B15A-48B6-8766-622DA1B17B91@longcount.org> In-Reply-To: <CAOMeaBSV%2BrGLYsWaXm%2BjYOan5HHLskzbk3J9zfnTTmDacJEMYQ@mail.gmail.com> References: <CAOMeaBSV%2BrGLYsWaXm%2BjYOan5HHLskzbk3J9zfnTTmDacJEMYQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Pavan What is the use of kdbus ? It's been abandoned,=20 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D806558;msg=3D5 could th= e Mach ipc module from nextbsd be used ? --- Mark Saad | nonesuch@longcount.org > On Mar 10, 2016, at 3:50 AM, pavan teja <bharghav2947@gmail.com> wrote: >=20 > Hello everyone, > I'm right now working on Implementing KDBus project into= > FreeBSD project .In the KDBus we have a set of policy rules by which we ca= n > control the bus connectivity by other processes . If viewing from the othe= r > side policy rules appeared to me similar to DAC the security mechanism use= d > in Linux . Can anyone suggest me a good way to convert these DAC rules int= o > capabilities .I want to replace these policy rules in KDBus in my design > and replace them with some capabilities . *Example for some policy rules > are:* >=20 > KDBUS_ITEM_NAME: str=3D'org.foo.bar' > KDBUS_ITEM_POLICY_ACCESS: type=3DUSER, access=3DOWN, id=3D1000 > KDBUS_ITEM_POLICY_ACCESS: type=3DUSER, access=3DTALK, id=3D1001 > KDBUS_ITEM_POLICY_ACCESS: type=3DWORLD, access=3DSEE >=20 > Please help me out by stating an example as how i can convert policy > rules as these into some form of capabilities given to each process > .This would be very helpful for my design. > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5F38D237-B15A-48B6-8766-622DA1B17B91>