Module related permission

Valdis.Kletnieks at vt.edu
Fri Mar 7 10:33:30 EST 2014


On Fri, 07 Mar 2014 21:12:19 +0700, Cao Thanh Phuong said:

> I want to research how to limit root's permission or root's privilege on a
> file or folder.
> So, does anybody know files or codes that are related to root's permission on
> a specific file or folder in linux kernel?

You're probably going to end up needing SELinux or similar LSM (Linux Security
Module) that does MAC (Mandatory Access Control) as well as the standard Linux
DAC (Discretionary Access Control) permissions.

The other option is to make a system where UID 0 isn't special, using
file capabilities instead of set-UID.

In either case, I guarantee that it will be a *lot* more challenging than
you might think at first.  It's one thing to add a rule that says "root cannot
write to file /x/y/z".  The problem you hit is that if you *really* care
about root not writing to /x/y/z, you now have to plug up *all* the places
where root can turn off that rule (including, but not limited to:  modprobing
a malicious module, installing a program that *does* have permissions to write
to /x/y/z, getting write access to /dev/sd?? and scribbling on the disk
blocks directly, and probably 50 or 60 other things I'll think of after
I've had my morning caffeine).

A better question would be "What threat model are you trying to defend
against by limiting root's permission?"

A simpler solution to your problem may be as easy as "Store the file on
a different server, and NFS mount it with rootsquash enabled".  But without
knowing what sort of attack you're worried about, it's hard to say what
the best solution is.
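
Added example (not part of the original message, and not code from the kernel): a small C audit check that reads the CapBnd field of /proc/<pid>/status text and reports which capabilities still give a UID 0 process a way around a per-file rule. The function names, the choice of four capabilities and the sample status text are assumptions made for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bit numbers are from <linux/capability.h>. Which ones count as a way
 * around "root cannot write /x/y/z" is this example's own selection. */
static const struct { int bit; const char *name, *why; } BYPASS[] = {
    {  1, "CAP_DAC_OVERRIDE", "ignores file mode bits, also on /dev/sd* nodes" },
    { 16, "CAP_SYS_MODULE",   "can load kernel modules" },
    { 27, "CAP_MKNOD",        "can create a fresh block device node" },
    { 31, "CAP_SETFCAP",      "can grant file capabilities to a program" },
};

/* Parse the hex mask of a field such as "CapBnd:"; 0 on success, -1 if absent. */
int parse_cap_field(const char *status, const char *field, unsigned long long *mask)
{
    size_t n = strlen(field);
    char *end;
    for (const char *p = status; p && *p; p = strchr(p, '\n')) {
        if (*p == '\n')
            p++;                      /* step onto the start of the next line */
        if (strncmp(p, field, n) == 0) {
            *mask = strtoull(p + n, &end, 16);
            return end == p + n ? -1 : 0;
        }
    }
    return -1;
}

/* Count (and optionally print) the listed capabilities still set in mask. */
int count_bypass_caps(unsigned long long mask, int verbose)
{
    int found = 0;
    for (size_t i = 0; i < sizeof BYPASS / sizeof BYPASS[0]; i++)
        if (mask & (1ULL << BYPASS[i].bit)) {
            found++;
            if (verbose)
                printf("%-17s %s\n", BYPASS[i].name, BYPASS[i].why);
        }
    return found;
}

/* Constructed sample of /proc/<pid>/status text, not captured from a real host. */
static const char SAMPLE_FULL[] = "Name:\tbash\nUid:\t0\t0\t0\t0\nCapBnd:\t0000001fffffffff\n";

int main(void)
{
    unsigned long long m = 0;
    if (parse_cap_field(SAMPLE_FULL, "CapBnd:", &m) == 0)
        printf("%d routes left\n", count_bypass_caps(m, 1));
    return 0;
}
```

A result of zero only means these four routes are closed in the bounding set; it says nothing about the many other paths the message alludes to.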