On Wed, Jan 14, 2015 at 07:56:15AM +0000, Noel Torres wrote: > On Friday, 2 de January de 2015 19:43:04 Jude Nelson escribió: > > Hi Luke, > > > > I should point out, the ACL criteria for matching processes do not all have > > to be specified, specifically for the reason you point out. Using the > > SHA256 to match the process should be a tool of last resort, useful only > > when the executable's path, inode number, and PID listing commands are > > unreliable (for example, a program that runs from an arbitrary location but > > for which no PID listing program can be created). Also, taking the SHA256 > > would be very slow compared to the other criteria. I'll update the design > > document to emphasize that vdev does not need all of the criteria to be > > set--just the ones that describe the class of processes the ACL affects. > > > > As much as I would like to revoke file descriptors, I'm afraid there's no > > way to do this that I know of without the kernel's help (but I'd love to > > learn of one). Systemd-logind has the same problem--once a process opens a > > file descriptor, another process can't force it to close it (i.e. with > > systemd-logind, the client can simply dup(2) the file descriptor before > > systemd-logind closes it). FreeBSD has revoke(2), but AFAIK there is no > > equivalent syscall for Linux. > > Just a wild idea... > > We could use /dev-real for the device nodes and /dev for named pipes pointing > to the device nodes. The named pipes can be connected or disconnected at > will, > depending on the invoking process, while specialized programs (or root) could > just lurk around /dev-real if something needs to be debugged. This works for > reading and writing, but not for locking or ioctl, I know, but it is an > idea...
This will instantly break: -mount -OSS and ALSA audio (note that these both expect a device in /dev). -anything that manipulates block devices/partitions -anything that checks device type/major/minor eg, one could check that /dev/*random has the right major and minor. I don't know if it would work with ttys/ptys. > Just two (euro) cents > > er Envite Thanks, Isaac Dunham _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
