Next:
General concepts
Up:
LIDS 2.0 Specifications Version
Previous:
LIDS 2.0 Specifications Version
Contents
Contents
General concepts
Introduction
Inside the box
Needs
Comparison with previous LIDS
A new security model
Adopted approach
Privileges and permissions
Filesystem permissions
Privileges
Insight into the set of rights
Enhancing rights mapping
Gathering files
Gathering rights
LIDS 2.0 description
Access lists
Mapping elements of
to those of
Inheritance
Effective rights
Capabilities
Assigning a capability to a subtree of the executables tree
Inheritage
How this works
Everyday life administration
On the fly changes
LIDS-free sessions
Use of these options
Scan port detection
Logging
Kinds of logs
DNA
8.1
and klids
Specifications
The configuration tool
The configuration file
General configuration options
Permissions and capabilities
Logging specifications
Compilation time options
Most important data structures
New types
task_struct
lids_prog_s
lids_perm_s
lids_caps_s
lids_lfs_s
LIDS-free sessions implementation
Communication between
lidsadm
and LIDS
Algorithms
Config file reading algorithm
fork
system call
exec
system call
Overload
Hash table
Permission check
Capabilities check
About this document ...
Biondi Philippe 2000-12-15