
Re: The joy of simplicity?

From "Rod Speed" <rod.speed.aaa@gmail.com>
Newsgroups alt.folklore.computers
Subject Re: The joy of simplicity?
Date 2015-07-21 05:49 +1000
Message-ID <d151moFgk8nU1@mid.individual.net> (permalink)
References (9 earlier) <PM00051B266DEF881D@aca2d680.ipt.aol.com> <20150718155115.7c7d49ee804db58bd8f88797@eircom.net> <PM00051B3A08B01556@aca2e736.ipt.aol.com> <a1vs7c-4q1.ln1@sambook.reistad.name> <PM00051B4E8D89A3D2@aca24085.ipt.aol.com>




"jmfbahciv" <See.above@aol.com> wrote in message 
news:PM00051B4E8D89A3D2@aca24085.ipt.aol.com...
> Morten Reistad wrote:
>> In article <PM00051B3A08B01556@aca2e736.ipt.aol.com>,
>> jmfbahciv  <See.above@aol.com> wrote:
>>>Ahem A Rivet's Shot wrote:
>>>> On 18 Jul 2015 13:34:19 GMT
>>>> jmfbahciv <See.above@aol.com> wrote:
>>>>
>>>>> Morten Reistad wrote:
>>>>
>>>>> > This is one solution to the jail-process-problem, but I think the
>>>>> > jail() version of chroot() is a much better one. For one, you have a
>>>>> > system-provided check that you stay within your jail on every (of ~150)
>>>>> > system call the process performs. This limits the scope of the external
>>>>> > impact from every program executed within that process.
>>>>>
>>>>> That's an interesting approach but wouldn't it have to ignore
>>>>> terminal I/O?
>>>>
>>>>     Yes terminal I/O is by default not available in a jail unless you
>>>> connect a virtual terminal to the virtual terminal port and the jail is
>>>> running something connected to the virtual terminal port (often there's a
>>>> full OS image running in the jail - sometimes not the same OS as the host).
>>>
>>>Sounds expensive.
>>
>> Or you can have separate user spaces running under the same kernel. There
>> are half a dozen implementations.
>>
>>
>>>>> And what about network accesses?  ISTM there would have
>>>>
>>>>     Jails have separate network configuration to the host, which is
>>>> provided by the host. I have one jail running here that sees only a VPN
>>>> connection and has no access to my LAN which limits the incursions possible
>>>> from the other side of that VPN.
>>>>
>>>>> to be a list of system calls that would need ignoring.  I suppose that
>>>>> approach could provide a blanket security but not control over
>>>>> contents of specific files/directories.
>>>>
>>>>     Jails live in a chroot environment so the directory tree they see
>>>> is a subset of that on the host.
>>>
>>>OK.  That sounds like the system manager sets it up instead of the
>>>user/owner of the service area within the system.
>>
>> No, the simplest peon user can set up a process in a jail. That jail
>> will only have as much permissions as that user, or less.
>
> The file daemon allows all accesses, even more.
>
>>Some manipulations
>> of interfaces do require root permissions, though.
>
> I can think of ways to implement sub-file daemons which would use
> the main file daemon for the root privs.  In our experience, there
> wasn't a security problem with ppns which had IPCF paging privs.
> Everyone used IPCF when logging in/out, printing, submitting batch
> jobs and mounting devices.

And the world's moved on now with smartphones where it
makes a lot more sense to do it the way Apple does it with
iOS where the security can be as tight as you like, effortlessly.

> [rest not snipped for context]
>>
>>
>>>>>  The latter technique would
>>>>> only be invoked if, and only if, the "owner" of the file/directory
>>>>> wanted to invoke it.  With your approach, it would be a system
>>>>> invocation rather than something set up privately by a user within
>>>>> that system.
>>>>
>>>>     Yes jails are a system level thing usually used to isolate network
>>>> services from each other and the rest of the system.
>>>>
>>>>     File daemons if I'm understanding correctly provide a programmed
>>>> way to give controlled access to otherwise forbidden operations on selected
>>>> files and directories.
>>>
>>>It's more elegant than that.  The user can cause file protection faults for
>>>any file or directory s/he owns.  The file daemon is invoked when an access
>>>is attempted.  The user has a file in the directory which can iterate who
>>>may access the file, who may not access the file and which kinds of access
>>>specific ppns can do.  This was the example implementation of our file
>>>daemon.  It can get more complicated with contents of files.
>>>
>>>To cause a blanket protection failure for everyone, including ppns with
>>>privs, I simply protected my ppn.UFD and *.SFD files to cause a protection
>>>failure.  Not even the operators could access my area without invoking the
>>>file daemon.  Note that there wasn't a security hole if the file daemon
>>>wasn't running because the protections which invoked the file daemon
>>>were greater than normal.
>>>
>>>>In a unix environment this is usually done with a
>>>> service but that doesn't present like a file system access instead you talk
>>>> the service protocol to a server which manipulates the files you're not
>>>> allowed to touch.
>>>>
>>>>     A file system supporting file daemons would probably be easy to put
>>>> together under the user space filesystem layer in Linux, a little harder
>>>> without user space filesystem support.
>>>
>>>TOPS-10 was a timesharing system with projects.  Each project was able
>>>to control its own areas without sysadmin human intervention.
>>>
>>>For instance a prof who had a class could get a project number
>>>of 306.  Each student would have a ppn of [306, nnn].  The prof could
>>>set up his area and theirs for accessing.  He could allow read only
>>>access to some files in his area for only the [306,*]  ppns.  He can
>>>also log accesses and set up the students' ppns so he could read
>>>anything in those directories...or write anything.
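
Added illustration, not part of the original post and not TOPS-10 code: a Python model of the file-daemon decision described in the quoted text above, with an owner-supplied access list, wildcard ppns such as [306,*], access logging, and refusal when the daemon is not running. The list format, the ppns and the file names are constructed for this example.

```python
from fnmatch import fnmatchcase

# Constructed access list for a professor's area (hypothetical format):
# (file pattern, requester ppn pattern, access kinds granted). First match wins.
ACCESS_LIST = [
    ("*", "306,1", {"read", "write"}),   # the professor (constructed ppn)
    ("NOTES.TXT", "306,*", {"read"}),    # any student in project 306: read only
    ("*", "*,*", set()),                 # everyone else, privileged ppns included
]

def ppn_matches(pattern, ppn):
    """Compare 'project,programmer' strings field by field; '*' matches any value."""
    return all(p in ("*", v) for p, v in zip(pattern.split(","), ppn.split(",")))

def file_daemon(access_list, ppn, filename, kind, log):
    """Decide one faulted access from the owner's list and record the decision."""
    allowed = False  # no matching entry means the access is refused
    for file_pat, ppn_pat, kinds in access_list:
        if fnmatchcase(filename, file_pat) and ppn_matches(ppn_pat, ppn):
            allowed = kind in kinds
            break
    log.append((ppn, filename, kind, "allow" if allowed else "deny"))
    return allowed

def attempt_access(daemon_running, access_list, ppn, filename, kind, log):
    """Model of the protection fault: every access to the area goes to the daemon.
    With no daemon running the faulted access just fails, so the area stays closed."""
    if not daemon_running:
        return False
    return file_daemon(access_list, ppn, filename, kind, log)

if __name__ == "__main__":
    log = []
    samples = [("306,17", "NOTES.TXT", "read"),   # student reads shared notes
               ("306,17", "NOTES.TXT", "write"),  # student tries to modify them
               ("306,17", "EXAM.TXT", "read"),    # student reads an unlisted file
               ("1,2", "NOTES.TXT", "read")]      # constructed privileged ppn
    for ppn, name, kind in samples:
        print(ppn, name, kind, attempt_access(True, ACCESS_LIST, ppn, name, kind, log))
    print("daemon down:",
          attempt_access(False, ACCESS_LIST, "306,1", "NOTES.TXT", "read", log))
    print(log)
```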
 
