Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 18 Oct 1999 20:41:28 +0200
From:      Gerhard Sittig <Gerhard.Sittig@gmx.net>
To:        freebsd-security@FreeBSD.ORG
Subject:   Re: kern.securelevel and X
Message-ID:  <19991018204128.G27109@speedy.gsinet>
In-Reply-To: <xzpso392gj0.fsf@flood.ping.uio.no>; from Dag-Erling Smorgrav on Mon, Oct 18, 1999 at 10:56:51AM %2B0200
References:  <XFMail.991015111802.shelton@sentry.granch.ru> <Pine.LNX.4.05.9910150036170.5339-100000@jason.argos.org> <14343.23571.679909.243732@blm30.IRO.UMontreal.CA> <19991017012750.A812@fever.semiotek.com> <380A1E2C.CCA326F5@gorean.org> <19991018024704.A512@semiotek.com> <xzpyad12jd7.fsf@flood.ping.uio.no> <19991018043039.B1711@semiotek.com> <xzpso392gj0.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Mon, Oct 18, 1999 at 10:56 +0200, Dag-Erling Smorgrav wrote:
> [ ... ]
> 
> +	if (securelevel > 3)
> +		return (EPERM);
> 
> [ ... ]
> 
> I'm starting to think that secure levels should be implemented as
> bitmasks, with one bit for each operation or group of operation to be
> allowed or denied (0 = allow, 1 = deny). The if statement above could
> be rewritten as:
> 
> 	if (securemask & SEC_MOUNT)
> 		return (EPERM);

... which sounds to me very much like capabilities ...

> Using a simple bitmask might be too simple though (it would restrict
> us to 32 or 64 distinct operations), so we might want to hide the
> actual implementation behind a function call or macro:
> 
> 	if (!sec_permitted(SEC_MOUNT))
> 		return (EPERM);

and this one does for sure :>

I'm not that familiar with FBSD, but it sounds like one usually
has a certain set of capabilities which reduces in a determined
way when raising the securelevel.  So on the way to a higher
level one even might lose the ability to grant some privileges.


virtually yours - Gerhard Sittig
-- 
If you don't understand or are scared by any of the above
        ask your parents or an adult to help you.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991018204128.G27109>