Rainbow: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 6: | Line 6: | ||
Rainbow implements this isolation by generating a new uid (and perhaps a new gid) for each program it is asked to run. Running each activity as a separate user means that standard Unix access checks can be used as the primary 'gate' to control the visibility of activity-driven side-effects like reading from or writing to files or devices or signalling other processes. |
Rainbow implements this isolation by generating a new uid (and perhaps a new gid) for each program it is asked to run. Running each activity as a separate user means that standard Unix access checks can be used as the primary 'gate' to control the visibility of activity-driven side-effects like reading from or writing to files or devices or signalling other processes. |
||
== Design == |
|||
== Implementation == |
== Implementation == |
||
| Line 19: | Line 17: | ||
* pristine root patches -- [http://dev.laptop.org/git/users/mstone/nss-rainbow nss-rainbow] |
* pristine root patches -- [http://dev.laptop.org/git/users/mstone/nss-rainbow nss-rainbow] |
||
* P_DOCUMENT -- [[Olpcfs]] |
* P_DOCUMENT -- [[Olpcfs]] |
||
* P_X -- we'll start by trying out XSECURITY (i.e. by making activities untrusted clients) and see where that leaves us. Then on to XACE as per [http://lists.laptop.org/pipermail/security/2008-April/000390.html] |
|||
== (Outdated) Resources == |
== (Outdated) Resources == |
||
Revision as of 20:44, 18 September 2008
Introduction
Rainbow implements the isolation shell implicitly described in the Bitfrost security specification. This means that it isolates activities (and eventually system services) that it is asked to run from one another and the rest of the system.
Rainbow implements this isolation by generating a new uid (and perhaps a new gid) for each program it is asked to run. Running each activity as a separate user means that standard Unix access checks can be used as the primary 'gate' to control the visibility of activity-driven side-effects like reading from or writing to files or devices or signalling other processes.
Implementation
The implementation of rainbow can be found in the "rainbow/rainbow" subdirectory of security git repo and in its several forks.
Next Steps
- P_NETWORK -- Isolation LSM
- cli interface: [1]
- pristine root patches -- nss-rainbow
- P_DOCUMENT -- Olpcfs
- P_X -- we'll start by trying out XSECURITY (i.e. by making activities untrusted clients) and see where that leaves us. Then on to XACE as per [2]
(Outdated) Resources
- Taste the Rainbow: A guided tour of the source code of the rainbow-0.7.8 release.
- OLPC Bitfrost: Bitfrost Spec
- README - A description of the scope and design of Rainbow.
- Notes - Useful notes on design and hurdles in developing Rainbow.
- Rainbow/DataStore Access