On Fri 2014-12-05 13:22:50, One Thousand Gnomes wrote:
>
> > 2.a. If task A has sufficient capabilities to send signals to task B, then
> > task A is already in position to do anything it wants with task B, including
> > killing it outright.
>
> Not entirely true.
>
> - We have securirty models
On Sat, Dec 6, 2014 at 12:22 AM, One Thousand Gnomes
wrote:
>
>> 2.a. If task A has sufficient capabilities to send signals to task B, then
>> task A is already in position to do anything it wants with task B, including
>> killing it outright.
>
> Not entirely true.
>
> - We have securirty models
> 2.a. If task A has sufficient capabilities to send signals to task B, then
> task A is already in position to do anything it wants with task B, including
> killing it outright.
Not entirely true.
- We have securirty models like SELinux
- We have namespaces and being able to send an fd between
3 matches
Mail list logo
