Gentoo Archives: gentoo-hardened

From: Jan Klod <janklodvan@×××××.com>
To: gentoo-hardened@l.g.o
Subject: [gentoo-hardened] Isolate users/programs?
Date: Mon, 24 Nov 2008 19:04:03
Message-Id: 200811242203.57157.janklodvan@gmail.com
1 Well, the idea is: if program is started with userid N != 0, what are the ways
2 it can access the information, it is supposed to be forbidden to access in a
3 normal Linux configuration (other users info)?
4 As you might think, I am not really sure of what I need other than a way to
5 forbid all the users access to other users files unless they are in a group
6 and permissions allow it.
7 Many wild things can happen, I just think, this might be a good place where I
8 could ask.
9
10 For example: I install mailserver or run samba on a server, where some other
11 things are going on and I totally don't want them to interfare in any
12 possible way unless it has been intended.
13
14 Hope, I made it clear enough...
15
16 Jan

Replies

Subject Author
Re: [gentoo-hardened] Isolate users/programs? atoth@××××××××××.hu