Commit 30ba7b2b authored by Simon Ruderich

slsm: Documentation: misc minor improvements

parent 01563cd6
......@@ -5,7 +5,8 @@ SLSM is a simple, path-based security module.
It's main goals are to be
* distribution-independent
* straight-forward to use on desktops
* simple in implementation
* simple in implementation
Some common use-cases are
* restrict access to a file for all programs, with exceptions;
e.g. only ssh-add can read your private keys
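Review bot: The context line `It's main goals are to be` at the top of this hunk still uses the contraction where the possessive is meant. Since this commit is a documentation cleanup, change it to `Its main goals are to be` in the same pass. `straight-forward` two lines further down could become `straightforward` at the same time.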
......@@ -14,18 +15,18 @@ Some common use-cases are
# Overview #
In SLSM, programs are identified by their path in the filesystem (symlinks are
resolved first). This means `exec` changes permissions!
resolved first). This means `exec` changes permissions unless restricted (see
below)!
Access rules are stored in a tree structure resembling the filesystem.
At each node (corresponding to a directory entry), rules matching either all
or one specific program are specified.
To check access to a file, the tree is traversed from the root. At each node,
the last rule (in the order they were inserted) matching the executing program
is remembered. The last match determines the permissions the program has for
this file.
Access rules are stored in a tree structure resembling the filesystem. At each
node (corresponding to a directory entry), rules matching either all or one
specific program are specified. To check access to a file, the tree is
traversed from the root. At each node, the last rule (in the order they were
inserted) matching the executing program is remembered. The last match
determines the permissions the program has for this file.
Rules consist of the program they apply to and a combination of UNIX-like `rwx`
bits (`x` is not neccessary to `cd`) and a set of SLSM-specific flags:
bits (`x` is not necessary to `cd`) and a set of SLSM-specific flags:
* A rule with the `exact` flag applies only if the program tries to access the
exact node at which the rule is placed.
* The `confine` flag prevents a process from gaining new permissions via `exec`.
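Review bot: In the reworded sentence `This means exec changes permissions unless restricted (see below)!`, "see below" gives the reader no term to search for. Name the mechanism directly, for example "unless the rule carries the `confine` flag", since the flag list at the end of this hunk already states that `confine` prevents a process from gaining new permissions via `exec`. The reflowed text also runs the storage description straight into the lookup procedure (`specific program are specified. To check access to a file, the tree is`). Starting "To check access to a file" on its own paragraph would keep the last-match rule easy to find, and that sentence is the one that decides which rule wins.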
......@@ -61,7 +62,8 @@ from reading the files contained therein, but allow listing the keys:
3. allow `ssh-add` to read file contents:
p=/home/user/.ssh/private\0m=4\0a=/usr/bin/ssh-add\0\0
To apply this setup, run something like the following:
To apply this setup, run something like the following (replace user with your
user name):
printf 'p=/home/user/.ssh/private\0m=0\0\0p=/home/user/.ssh/private\0m=4\0f=4\0\0p=/home/user/.ssh/private\0m=4\0a=/usr/bin/ssh-add\0\0' >/sys/kernel/security/slsm/profiles
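Review bot: In the added parenthetical `(replace user with your user name)`, `user` is not marked up, so it reads as an ordinary word rather than the literal path component. Put it in backticks, or say to replace `/home/user` with your home directory: the path occurs three times in the `printf` line, and a home directory is not necessarily `/home/` followed by the user name.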
......