

Aren't systemd's security capabilities in userspace simpler to use?


Posted Jul 22, 2015 21:16 UTC (Wed) by mezcalero (subscriber, #45103)
In reply to: Aren't systemd's security capabilities in userspace simpler to use? by alison
Parent article: Domesticating applications, OpenBSD style

Caps actually control access to facilities "above" what a normal user has, i.e. stuff that normally only root has. OpenBSD's tame() stuff otoh limits access to facilities that even normal users have, hence systemd's CapabilitiesBoundingSet= cannot cover what tame() covers.

That said, I am pretty sure the tame() API is frickin' crazy, and seccomp() is actually a ton more useful, especially if you use it in conjunction with some namespacing tricks like they are exposed with systemd's PrivateTmp=, ProtectSystem= or PrivateNetwork=.

I find Theo's comment on seccomp controlling programs with other programs particularly weird, given that the seccomp filters are not Turing complete, and hence hardly more than a fancy parameter check, and hardly something I would really call a "program".


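An added illustration of the two points in the comment above (this is example code written for this page, not code from the comment's author or from systemd): socket() needs no capability, so a capability bounding set cannot touch it, but a seccomp-BPF filter can inspect the syscall number and its first argument and refuse AF_INET while still allowing AF_UNIX. The filter is a straight-line chain of loads, compares and returns, which is exactly what "fancy parameter check" means. Assumptions: Linux on x86_64 or aarch64 (the AUDIT_ARCH_* value must match the running ABI), glibc's <endian.h> for the byte-order test, and `install_socket_filter`/`probe_socket` are names chosen here for illustration. systemd's RestrictAddressFamilies= applies the same kind of per-argument socket() check from a unit file.

```c
/* Example added for this page: a seccomp-BPF "parameter check" on socket().
 * Not systemd code; function names are invented for the example. Linux only. */
#include <endian.h>
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* The filter must verify the syscall ABI before trusting the syscall number. */
#if defined(__x86_64__)
# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_AARCH64
#else
# error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* Classic BPF loads 32-bit words; pick the low half of the 64-bit args[0]. */
#if __BYTE_ORDER == __LITTLE_ENDIAN
# define ARG0_LO offsetof(struct seccomp_data, args[0])
#else
# define ARG0_LO (offsetof(struct seccomp_data, args[0]) + 4)
#endif

/* Install a filter that lets every syscall through except socket() with a
 * domain other than AF_UNIX, which fails with EPERM instead of being executed.
 * Returns 0 on success or -errno. Irreversible for the calling process. */
int install_socket_filter(void)
{
    struct sock_filter filter[] = {
        /* 0: load the architecture and kill the task if it is not ours */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        /* 3: load the syscall number; anything but socket() is allowed */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_socket, 0, 3),
        /* 5: socket(): check the domain argument */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, ARG0_LO),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AF_UNIX, 1, 0),
        /* 7: not AF_UNIX: fail the call with EPERM without running it */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
        /* 8: allowed */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = {
        .len = (unsigned short)(sizeof(filter) / sizeof(filter[0])),
        .filter = filter,
    };

    /* Required so an unprivileged process may install a filter that also
     * applies across execve() (otherwise setuid binaries could be confused). */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -errno;
    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) != 0)
        return -errno;
    return 0;
}

/* Try to create a stream socket in the given domain.
 * Returns 0 on success, otherwise the errno socket() reported. */
int probe_socket(int domain)
{
    int fd = socket(domain, SOCK_STREAM, 0);
    if (fd < 0)
        return errno;
    close(fd);
    return 0;
}

int main(void)
{
    int r = install_socket_filter();
    if (r != 0) {
        fprintf(stderr, "seccomp install failed: %s\n", strerror(-r));
        return 1;
    }
    printf("socket(AF_INET): %s\n", strerror(probe_socket(AF_INET)));
    printf("socket(AF_UNIX): %s\n", strerror(probe_socket(AF_UNIX)));
    return 0;
}
```

Build with `cc -o sockfilter sockfilter.c` and run as an ordinary user: no capability is involved in either direction, which is the point about CapabilityBoundingSet= above. Note that the filter only sees the raw register value of the first argument; it cannot dereference pointers, so checks on things like pathnames are out of reach of seccomp and need the namespace-based knobs mentioned in the comment.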

Aren't systemd's security capabilities in userspace simpler to use?

Posted Jul 23, 2015 21:10 UTC (Thu) by flewellyn (subscriber, #5047)

To be honest, I think it's mostly Theo's noted disdain for Linux, combined with a heaping helping of NIH syndrome.

