[OLPC Security] Thoughts on bitfrost capabilities, enforcement, and ACLs

Marcus Leech mleech at nortel.com
Tue Nov 6 10:46:47 EST 2007


Here's a skeletal python snippet for ACLs in support of bitfrost
capabilities.  Thoughts would be most welcome.

#
# Thoughts on ACLs and bitfrost capabilities
#
# Some of the bitfrost capabilities could be implemented by adding ACLs to
#  the appropriate filesystem bits, including relevant entries under /dev
#
# For example, /dev/video0 could be owned by root, mode 0600, with ACLs added
#   and removed dynamically as activities come and go that require video
#   access ('use_camera').
#
# The appropriate audio device (/dev/dsp?) could be mode 0622, which would only
#   allow opening for write for any random process, and an ACL could be added
#   when an activity that has 'use_microphone' enabled is launched.  The ACL
#   would allow read/write access, rather than the usual write-only.
#
# The alternative is to have activity launch simply change the ownership
#   and/or permissions of the relevant device(s) on launch.  But this precludes
#   sharing (which, I admit, may not make sense for devices).
#
# A downside to the ACL approach is that the rainbow daemon would need to
#   keep track for purposes of "garbage collection" on ACL entries.
#
import subprocess

def adduser_acl(path, uid, perms):
    # Grant `uid` the permissions in `perms` (e.g. "rw") on `path` by adding
    # a named-user ACL entry: setfacl -m u:<uid>:<perms> <path>
    acl = "u:%d:%s" % (uid, perms)
    args = ['setfacl', '-m', acl, path]
    subprocess.check_call(args)

def deluser_acl(path, uid):
    # Revoke the named-user entry for `uid` on `path`: setfacl -x u:<uid> <path>
    acl = "u:%d" % uid
    args = ['setfacl', '-x', acl, path]
    subprocess.check_call(args)
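As an added illustration of the "garbage collection" bookkeeping the post says the rainbow daemon would need (example code, not part of the post): a tracker that records which ACL entries each activity holds, refcounts an entry when more than one activity holds it, and revokes entries on exit. The capability-to-device table and the recording runner in demo() are assumptions so the logic runs without root or setfacl.

```python
import subprocess
from collections import Counter

# Capability -> (device, ACL perms). Capability names come from the post; the
# device paths and the "rw" perms are assumptions for this example.
CAPABILITY_DEVICES = {
    "use_camera": ("/dev/video0", "rw"),
    "use_microphone": ("/dev/dsp", "rw"),
}

class AclTracker:
    """Bookkeeping the daemon needs: which ACL entries each activity holds."""
    # `run` executes a setfacl argv; defaults to subprocess.check_call and can be
    # swapped for a recorder to exercise the logic without root or setfacl.
    def __init__(self, run=subprocess.check_call):
        self._run = run
        self._by_activity = {}  # activity_id -> list of (path, uid) it holds
        self._refs = Counter()  # (path, uid) -> number of activities holding it

    def launch(self, activity_id, uid, capabilities):
        held = self._by_activity.setdefault(activity_id, [])
        for cap in capabilities:
            path, perms = CAPABILITY_DEVICES[cap]  # KeyError: unknown capability
            key = (path, uid)
            if self._refs[key] == 0:  # first holder adds the entry
                self._run(["setfacl", "-m", "u:%d:%s" % (uid, perms), path])
            self._refs[key] += 1
            held.append(key)

    def exit(self, activity_id):
        # Garbage-collect: remove an entry only once no live activity holds it.
        for key in self._by_activity.pop(activity_id, []):
            self._refs[key] -= 1
            if self._refs[key] == 0:
                path, uid = key
                self._run(["setfacl", "-x", "u:%d" % uid, path])

    def live_entries(self):
        return {key for key, n in self._refs.items() if n > 0}

def demo():
    """Replay a launch/exit sequence against a recording runner (no setfacl run)."""
    issued = []
    tracker = AclTracker(run=issued.append)
    tracker.launch("record-1", 10001, ["use_camera", "use_microphone"])
    tracker.launch("chat-2", 10002, ["use_microphone"])
    tracker.exit("record-1")
    tracker.exit("chat-2")
    return issued, tracker.live_entries()
```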

