VSTa and chroot

From: Jeremy Fitzhardinge <jeremy_at_nospam.org>
Date: Tue Mar 14 1995 - 00:04:08 PST

Hi all!

I've been thinking about using VSTa in applications like firewalls
(not actually thinking about doing it, but thinking about how one
might). One of the tools we use on our (Linux-based) firewall is
chroot in order to partition independent sets of programs from each
other, so a compromise of one set isn't a problem for the rest
(well, harder to exploit).

VSTa, of course, doesn't have the notion of chroot or any way of
implementing it: if mount tables are just libc constructs and
anyone can talk to a filesystem port then there's no point. Is
there, however, some way of doing something similar?

I suppose what I'm really saying is "I still don't really understand
VSTa's permission/id system yet". Can you easily set up a filesystem
or part of a tree so that that is the entire universe as far as
one group of programs is concerned? It doesn't really matter if
they can tell they're in a restricted domain, so long as they can't
get out.

After a little more thought, it seems like you'd do it by creating
a new directory tree as the "chrooted" domain with an extra number
on the end of the ownership and run the processes in there with
the extra ID. This would prevent them from getting out so long
as there are no other filesystems with the same or more permissive
id. (Does this make any sense?)

        J
Received on Mon Mar 13 23:19:54 1995
