
List:       e-lang
Subject:    [e-lang] Re: [eros-arch] POLA enters Linux...
From:       David Hopwood <david.nospam.hopwood () blueyonder ! co ! uk>
Date:       2004-07-13 5:26:37
Message-ID: 40F3728D.8070108 () blueyonder ! co ! uk

David Wagner wrote:
> David Hopwood writes:
> 
>>3. We want to use either the VM or the OS described above as a shell to run
>>   at least some native applications with least privilege.
>>   [...] the easiest approach is probably to replace
>>   libc and similar base libraries (and accept that applications that bypass
>>   these libraries will not work). The replacement libc changes code that
>>   would otherwise make a syscall so that it communicates with another
>>   process using read/write instead (perhaps using the same protocol as in
>>   1. above).
> 
> You'll enjoy reading the following paper:
> http://www.stanford.edu/~talg/papers/NDSS04/abstract.html
> It works out the details of how to do this, including how to solve
> the exec problem.  It's a nice piece of work.

Looks interesting, but where's the code? :-) Given that the kernel mods are
only 200 lines, it might be useful to put that in the main line kernel,
instead of or as well as Andrea Arcangeli's patch.

Although Ostia still uses an ACL-based security model, it looks from the
paper as though the kernel changes are probably independent of that.

>>All you need or want is an IPC mechanism that transfers data.
> 
> I side with the original poster; it's very likely that you want an
> IPC mechanism that also allows transfer of file descriptors, and you
> probably want to allow things like select() and dup() as well.

I hadn't realised that file descriptors can be transferred over Unix
domain sockets; that does make things easier.

-- 
David Hopwood <david.nospam.hopwood@blueyonder.co.uk>
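The descriptor transfer discussed in the message above, as an added example that is not part of the original post or of the Ostia paper: a broker process opens a file and hands it to a forked child over a Unix domain socket using `SCM_RIGHTS`, so the child gains access to that one object without being able to name it. The helper names `send_fd`, `recv_fd`, `demo` and the temp-file path are hypothetical; it assumes a Linux/POSIX system.

```c
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>
typedef union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } ctl_t;

/* Broker side: attach descriptor fd to a one-byte message as SCM_RIGHTS data. */
int send_fd(int sock, int fd) {
    char byte = 'F'; ctl_t ctl; memset(&ctl, 0, sizeof ctl);
    struct iovec iov = { &byte, 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS; c->cmsg_len = CMSG_LEN(sizeof fd);
    memcpy(CMSG_DATA(c), &fd, sizeof fd);
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Confined side: return the received descriptor, or -1 if none was attached. */
int recv_fd(int sock) {
    char byte; int fd = -1; ctl_t ctl;
    struct iovec iov = { &byte, 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (c && c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_RIGHTS
          && c->cmsg_len == CMSG_LEN(sizeof fd))
        memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}

/* Broker grants an unlinked temp file (constructed data) by descriptor only. */
int demo(void) {
    int sv[2], status, f; char path[] = "/tmp/pola-demo-XXXXXX", buf[5];
    if ((f = mkstemp(path)) < 0 || socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    unlink(path);                       /* no name left: the fd is the only way in */
    if (write(f, "grant", 5) != 5 || lseek(f, 0, SEEK_SET) != 0) return -1;
    pid_t pid = fork();
    if (pid == 0) {                     /* confined side keeps only its socket end */
        close(sv[0]); close(f); int got = recv_fd(sv[1]);
        _exit(got >= 0 && read(got, buf, 5) == 5 && !memcmp(buf, "grant", 5) ? 0 : 1);
    }
    int sent = pid > 0 && send_fd(sv[0], f) == 0;
    close(sv[0]); close(sv[1]); close(f);
    if (!sent || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);         /* 0: child read the granted file */
}
int main(void) { return demo(); }
```

The receiver checks the control message's level, type and length before trusting it, so a plain data byte with no descriptor attached yields -1 instead of a stale value.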