Lines Matching +full:inside +full:- +full:secure
14 …rnational System Administration and Networking Conference "SANE 2000" May 22-25, 2000 in Maastrich…
17 Poul-Henning Kamp <phk@FreeBSD.org>
25 OS. FreeBSD 4.0-RELEASE was the first release including this
27 Follow-on work was sponsored by Safeport Network Services,
32 Adding fine-grained access control improves the expressiveness,
39 Where multiple mutually un-trusting parties are introduced,
60 system, allowing easy sharing of files and inter-process communication.
63 Users of FreeBSD in non-traditional UNIX environments must balance
71 simultaneously impose system-wide mandatory policies on process
73 Attempting to create such an environment in the current-day FreeBSD
81 real-world example:
84 high-performance, network-centric server environment.
93 such as web servers and other content-related daemon programs.
101 be possible, but not at the cost of system-wide requirements, including
104 However, UNIX-style access control makes it notoriously difficult to
109 scope of their functionality, and effectiveness at what they provide \s-2[CHROOT]\s+2.
112 the file system name-space is limited to a single subtree.
126 Unlike other fine-grained security solutions, Jail does not
133 Traditional UNIX Security, or, ``God, root, what difference?" \s-2[UF]\s+2.
151 process is acting with ``super-user privileges'', and all access checks are
159 to the ``root'' user \s-2[ROOT]\s+2.
162 configuration, file system name-space, and special network operations.
177 until the system is restarted and brought up into single-user mode.
185 fine-grained access controls for system resources \s-2[BIBA]\s+2.
197 ``trust that the system is secure, when in fact it isn't''.
201 controls \s-2[UAS]\s+2.
219 security management APIs. When fine-grained capabilities are introduced to
220 replace the setuid mechanism in UNIX-like operating systems, applications that
228 different systems \s-2[POSIX1e]\s+2.
232 Jail neatly side-steps the majority of these problems through partitioning.
234 than introduce additional fine-grained access control mechanism, we partition
242 access to the super-user account in each of these without losing control of
243 the over-all environment.
266 name-space is restricted in the style of chroot(2), the ability to bind network
270 inside the same jail.
273 file system name-space for jailed processes. When a jail is created, it is
294 between a jailed environment or un-jailed environment. Processes running with
301 any uid, as long as it is accessible through the jail file system name-space.
341 \(bu Changing securelevel-related file flags is prohibited.
365 most applications to run un-hindered, but preventing calls that might allow an
367 system-wide configuration.
380 restricting access within the jail environment to a well-defined subset
384 fine-grained access control mechanisms, and maintaining a consistent
390 The jail code is included in the base system as part of FreeBSD 4.0-RELEASE,
391 and fully documented in the jail(2) and jail(8) man-pages.
395 .IP \s-2[BIBA]\s+2 .5i
396 K. J. Biba, Integrity Considerations for Secure
398 .IP \s-2[CHROOT]\s+2 .5i
408 .IP \s-2[LOTTERY1]\s+2 .5i
409 David Petrou and John Milford. Proportional-Share Scheduling:
410 Implementation and Evaluation in a Widely-Deployed Operating System,
413 \s-2\fChttp://www.cs.cmu.edu/~dpetrou/papers/freebsd_lottery_writeup98.ps\fP\s+2
414 \s-2\fChttp://www.cs.cmu.edu/~dpetrou/code/freebsd_lottery_code.tar.gz\fP\s+2
415 .IP \s-2[LOTTERY2]\s+2 .5i
416 …roportional-Share Resource Management, Proceedings of the First Symposium on Operating Systems Des…
418 \s-2\fChttp://www.research.digital.com/SRC/personal/caw/papers.html\fP\s+2
419 .IP \s-2[POSIX1e]\s+2 .5i
425 .IP \s-2[ROOT]\s+2 .5i
427 called the super-user account ``zeus''.
428 .IP \s-2[UAS]\s+2 .5i
432 \s-2\fChttp://www.entactinfo.com/products/uas/\fP\s+2
433 .IP \s-2[UF]\s+2 .5i
434 Quote from the User-Friendly cartoon by Illiad.
436 \s-2\fChttp://www.userfriendly.org/cartoons/archives/98nov/19981111.html\fP\s+2