From owner-freebsd-security Thu Feb 8 13:20:14 2001
Delivered-To: freebsd-security@freebsd.org
From: "David Beck"
Subject: security improvement ?
Date: Thu, 8 Feb 2001 22:26:18 +0100

Hi,

First of all, I would like to mention that this thing I describe here:

- is not for production use (!!!)
- has serious problems (look at the readme file)
- is mainly for generating discussion about the idea
- might introduce security problems

The idea here is to introduce further limitations on the usage of syscalls. That is to say, process x cannot call syscall y, and if it tries, log it (somewhere). This is like a user (root) configurable profile for a process for calling syscalls.

At the moment I wrote a simplified representation of the idea which can limit the usage of the syscalls in a specified jail. This was faster to do and shows what I think.

http://dbeck.beckground.hu/download/scf-0.0.1.tar.gz

I'm sure that the way it is implemented is bad and instead of writing a kernel module like this I should make a patch for the kernel. I'm working on the patch, but in the meantime I'm very much interested in what the experts say about this.

Cheers,
David.
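A user-space model of the check the post sketches (a per-jail profile of permitted syscalls, refuse and log anything else), added here as an example; it is not David Beck's scf module or FreeBSD kernel code. The bitmap layout, the default-deny rule inside a profiled jail, the unrestricted default for jails without a profile, and the scf_* names are assumptions; the syscall numbers are FreeBSD's.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SCF_NSYS    512   /* upper bound on syscall numbers tracked (assumed) */
#define SCF_MAXJAIL 8     /* profiles are indexed by jail id (assumed) */

/* FreeBSD syscall numbers from sys/syscall.h used in the sample profile. */
#define SYS_exit   1
#define SYS_read   3
#define SYS_write  4
#define SYS_open   5
#define SYS_close  6
#define SYS_execve 59
#define SYS_socket 97

struct scf_profile {
    int     in_use;
    uint8_t allowed[SCF_NSYS / 8];   /* one bit per syscall number */
};

static struct scf_profile scf_table[SCF_MAXJAIL];
static int scf_denials;

/* Constructed sample profile: a jail that may only do file I/O and exit. */
static const int sample_allowed[] = { SYS_exit, SYS_read, SYS_write, SYS_open, SYS_close };

/* Load the profile for one jail from a list of permitted syscall numbers.
 * Anything not listed is denied once the profile is in use (default-deny). */
int scf_load(int jid, const int *sysnos, size_t n) {
    if (jid < 0 || jid >= SCF_MAXJAIL) return -1;
    struct scf_profile *p = &scf_table[jid];
    memset(p, 0, sizeof *p);
    for (size_t i = 0; i < n; i++) {
        if (sysnos[i] < 0 || sysnos[i] >= SCF_NSYS) return -1;
        p->allowed[sysnos[i] / 8] |= (uint8_t)(1u << (sysnos[i] % 8));
    }
    p->in_use = 1;
    return 0;
}

/* The decision the post places in the syscall path: 0 lets the call proceed,
 * -1 refuses it. Jails with no profile keep normal behaviour; out-of-range
 * syscall numbers are refused rather than indexed. Each refusal is logged. */
int scf_check(int jid, int pid, int sysno) {
    if (jid < 0 || jid >= SCF_MAXJAIL || !scf_table[jid].in_use) return 0;
    int ok = sysno >= 0 && sysno < SCF_NSYS &&
             ((scf_table[jid].allowed[sysno / 8] >> (sysno % 8)) & 1);
    if (ok) return 0;
    scf_denials++;   /* stand-in for "log it (somewhere)" */
    fprintf(stderr, "scf: jail %d pid %d denied syscall %d\n", jid, pid, sysno);
    return -1;
}

int scf_denial_count(void) { return scf_denials; }
```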