Converting DAC or policy Rules into Capsicum capabilities
Mark Saad
nonesuch at longcount.org
Thu Mar 10 12:04:35 UTC 2016
Pavan
What is the use of kdbus ? It's been abandoned,
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806558;msg=5 could the Mach ipc module from nextbsd be used ?
---
Mark Saad | nonesuch at longcount.org
> On Mar 10, 2016, at 3:50 AM, pavan teja <bharghav2947 at gmail.com> wrote:
>
> Hello everyone,
> I'm right now working on Implementing KDBus project into
> FreeBSD project .In the KDBus we have a set of policy rules by which we can
> control the bus connectivity by other processes . If viewing from the other
> side policy rules appeared to me similar to DAC the security mechanism used
> in Linux . Can anyone suggest me a good way to convert these DAC rules into
> capabilities .I want to replace these policy rules in KDBus in my design
> and replace them with some capabilities . *Example for some policy rules
> are:*
>
> KDBUS_ITEM_NAME: str='org.foo.bar'
> KDBUS_ITEM_POLICY_ACCESS: type=USER, access=OWN, id=1000
> KDBUS_ITEM_POLICY_ACCESS: type=USER, access=TALK, id=1001
> KDBUS_ITEM_POLICY_ACCESS: type=WORLD, access=SEE
>
> Please help me out by stating an example as how i can convert policy
> rules as these into some form of capabilities given to each process
> .This would be very helpful for my design.
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
More information about the freebsd-hackers
mailing list