OSS in jail
Luís Fernando Schultz Xavier da Silveira
schultz at ime.usp.br
Sun Dec 6 21:43:21 UTC 2015
This is very promising. I will give it a shot.
Thanks very much.
On Sun, Dec 06, 2015 at 09:19:24PM +0100, Terje Elde wrote:
>
> > On 06 Dec 2015, at 20:57, Luís Fernando Schultz Xavier da Silveira <schultz at ime.usp.br> wrote:
> >
> > This is the precise problem.
> > I need either a stronger form of access control than unix permissions
> > or two separate devices for playback and recording.
> > Or maybe a separate OSS stack, in the spirit of VIMAGE.
> > These options seem unrealistic, but the use case does not seem
> > unreasonable, which is why I pose the question.
>
> Although I haven't tested it for devices, it's likely you can solve this by using MAC, and the "file system firewall"; mac_bsdextended
>
> Effectively you can define "firewall rules" for the file system, and thus block reads from the dsp.
>
> Might be a learning curve to get things right though.
>
> Terje
>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list