[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] Jailing the Python Interpreter - os.kill still killi
From: |
Olivier Sessink |
Subject: |
Re: [Jailkit-users] Jailing the Python Interpreter - os.kill still killing |
Date: |
Mon, 05 Nov 2007 22:34:19 +0100 |
User-agent: |
Thunderbird 2.0.0.6 (X11/20071022) |
Gregory Piñero wrote:
> On 11/5/07, Olivier Sessink <address@hidden> wrote:
>> chrooting processes only helps to reduce file access. kill() is not file
>> access, so normal unix permissions apply. So you'll need to use
>> different unix users to do this.
>>
>
> Even with different users, a user could still kill his own process
> which is undesirable. I don't know too much about Unix, I guess
> there's no way to take away a users "kill" permissions?
it is possible with SELinux. However, configuring SELinux is complex and
time consuming.
Olivier