
A potential solution is to create a user who has no or limited write access, and modify up so that it always switches to that user.

I wonder if there’s a way to do this without requiring the creation of a new system user. Some way to revoke all write access for the current process.



Capabilities do this. It's the same mechanic used by containers to restrict their access. See man capabilities(7)


Seems to be linux only at first blush.


I'm ok with focusing on Linux as the prime target for up. Though I'm totally trying to think about cross-platform approaches too, obviously.


FreeBSD has a capabilities system called “Capsicum”.

https://www.freebsd.org/cgi/man.cgi?capsicum(4)

https://wiki.freebsd.org/Capsicum

https://www.cl.cam.ac.uk/research/security/capsicum/freebsd....

Capsicum is convoluted though.

OpenBSD has pledge and unveil, which from what I have seen are very elegant.

https://man.openbsd.org/pledge.2

https://man.openbsd.org/unveil
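Added example, not from any commenter and not code from `up`: one way on Linux to answer the original question, taking write access away from the current process without creating a user. Linux capabilities(7) govern privileged operations (CAP_DAC_OVERRIDE lets a process bypass permission checks; no capability takes away an unprivileged process's ordinary write access), so the example uses a seccomp-bpf filter instead. Write-mode opens and namespace-changing syscalls fail with EACCES, while reading, and writing to descriptors that are already open such as stdout, keep working. The filter cannot be removed and is inherited by every child, which is what makes it fit a tool that spawns shell pipelines. The probe path, the flag mask and the list of denied syscalls are constructed for this example; a production filter would cover more syscalls (link, symlink, mknod, chmod, chown, xattr calls) and would consider Landlock on kernels that have it.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#if defined(__x86_64__)
#define EXAMPLE_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define EXAMPLE_ARCH AUDIT_ARCH_AARCH64
#else
#error "this example covers x86_64 and aarch64 only"
#endif
#ifndef SECCOMP_RET_KILL_PROCESS
#define SECCOMP_RET_KILL_PROCESS SECCOMP_RET_KILL
#endif

/* Any of these open(2) flags means the caller intends to create, truncate or write. */
#define WRITE_INTENT_FLAGS (O_WRONLY | O_RDWR | O_CREAT | O_TRUNC)
#define EMIT(insn) (prog[n++] = (struct sock_filter)insn)

/* Make this process read-only with respect to the filesystem: write-mode opens and
 * namespace-changing syscalls fail with EACCES; everything else, including write(2)
 * on descriptors that are already open, is untouched. The filter cannot be removed
 * and is inherited by children. Returns 0 on success, -1 if seccomp is unavailable. */
static int deny_filesystem_writes(void)
{
    struct sock_filter prog[64];
    size_t n = 0;
    /* Denied outright. open/creat are legacy entry points (glibc goes through openat),
     * and openat2 passes its flags in a struct that BPF cannot inspect. This list is
     * illustrative; a production filter would extend it. */
    static const unsigned denied[] = {
#ifdef __NR_open
        __NR_open, __NR_creat, __NR_unlink, __NR_rename, __NR_mkdir, __NR_rmdir,
#endif
#ifdef __NR_openat2
        __NR_openat2,
#endif
        __NR_unlinkat, __NR_renameat, __NR_renameat2, __NR_mkdirat,
        __NR_truncate, __NR_ftruncate,
    };

    /* Kill the process if it speaks a foreign ABI (e.g. 32-bit syscalls on x86_64). */
    EMIT(BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)));
    EMIT(BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, EXAMPLE_ARCH, 1, 0));
    EMIT(BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS));
    /* openat(2): allow only if args[2] (low 32 bits; both ABIs are little-endian)
     * carries no write-intent flag; otherwise fail with EACCES. */
    EMIT(BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)));
    EMIT(BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_openat, 0, 4));
    EMIT(BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, args[2])));
    EMIT(BPF_JUMP(BPF_JMP | BPF_JSET | BPF_K, WRITE_INTENT_FLAGS, 0, 1));
    EMIT(BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EACCES));
    EMIT(BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW));
    /* Every other syscall: refuse the listed ones, allow the rest. */
    EMIT(BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)));
    for (size_t i = 0; i < sizeof denied / sizeof denied[0]; i++) {
        EMIT(BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, denied[i], 0, 1));
        EMIT(BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EACCES));
    }
    EMIT(BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW));

    struct sock_fprog fprog = { .len = (unsigned short)n, .filter = prog };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1; /* required for unprivileged callers */
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog) == 0 ? 0 : -1;
}

/* Fork a child, sandbox it and exercise the boundary. Exit status bits:
 * 1 = write-mode open refused with EACCES, 2 = read-only open still works,
 * 4 = unlink refused with EACCES. Returns the bitmask (7 = all as expected)
 * or -1 if the probe could not run at all. */
static int probe_readonly_sandbox(void)
{
    /* Constructed path; the filter refuses the open before the file could exist. */
    const char *victim = "/tmp/up-readonly-probe.never-created";
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        int result = 0, fd;
        if (deny_filesystem_writes() != 0) _exit(100);
        fd = open(victim, O_WRONLY | O_CREAT, 0600);
        if (fd < 0 && errno == EACCES) result |= 1;
        fd = open("/", O_RDONLY);
        if (fd >= 0) { result |= 2; close(fd); }
        /* EACCES rather than ENOENT: refused before any path lookup happened. */
        if (unlink(victim) < 0 && errno == EACCES) result |= 4;
        _exit(result);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status) || WEXITSTATUS(status) == 100)
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    int r = probe_readonly_sandbox();
    printf("read-only sandbox probe: %d (7 = all three checks behaved as expected)\n", r);
    return r == 7 ? 0 : 1;
}
```

The probe runs the filter in a forked child because a seccomp filter is permanent for the process that installs it, so the parent stays unrestricted and can report the result. On OpenBSD the same read-only property is what the two calls named above give directly: unveil("/", "r") limits the visible filesystem to read access and pledge("stdio rpath", NULL) drops the ability to create or modify files, with no BPF to write.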



