Quote:
Originally Posted by Oko
That is lame. Can't you do last to things just withe permissions? Even with
the root access the last two goals can be easily accomplished in BSD world with flags and
kernel security levels. First one looks to me could be easily done with PF.
|
Regarding your first point, PF can control access to 80/tcp, but that is system wide - It won't let me tie it down to a specific application.
As for security levels, IIRC the OpenBSD team had actually dismissed them. I haven't got the link to hand, but there were a couple of interviews with senior devs who had said the concept was flawed.
I'll try to dig out the links when I get home tonight.
Cheers.
UPDATE 2009-01-27 2205Z
Here's the link regarding secure levels:
http://www.theregister.co.uk/2006/01...evel_bsd_unix/