Kernel “Trusted Path Execution” patch (tpe)

I just finished a patch to the Linux kernel which implements “trusted path execution”.

You can specify a trusted directory and mark a group as “trusted” or “untrusted”.
If the group is untrusted, all users belonging to this group will only be able to execute files from the trusted directory. If the group is trusted, all users except those belonging to the group (and root, of course) will only be able to execute files from the trusted directory.
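The two modes described above, written out as a user-space model of the decision (an added example, not code from the patch or from grsecurity). All names are hypothetical, and it assumes the path is already canonical and that only files directly inside the trusted directory count.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical names; a user-space model of the rule, not the patch's code. */
enum tpe_mode { TPE_GROUP_UNTRUSTED, TPE_GROUP_TRUSTED };
struct tpe_policy { enum tpe_mode mode; gid_t gid; const char *dir; };
struct tpe_cred { uid_t uid; const gid_t *groups; size_t ngroups; };

static bool in_group(const struct tpe_cred *c, gid_t gid)
{
    for (size_t i = 0; i < c->ngroups; i++)
        if (c->groups[i] == gid)
            return true;
    return false;
}

/* Assumption: path is canonical and only files directly inside dir count,
 * so "/usr/bin2/ls" and "/usr/bin/sub/ls" do not match "/usr/bin". */
static bool in_trusted_dir(const char *dir, const char *path)
{
    size_t n = strlen(dir);
    if (strncmp(path, dir, n) != 0 || path[n] != '/')
        return false;
    return path[n + 1] != '\0' && strchr(path + n + 1, '/') == NULL;
}

bool tpe_may_exec(const struct tpe_policy *p, const struct tpe_cred *c,
                  const char *path)
{
    bool member = in_group(c, p->gid);
    /* Untrusted group: only its members are confined. Trusted group:
     * everyone except its members and root is confined. */
    bool confined = (p->mode == TPE_GROUP_UNTRUSTED)
                        ? member : (!member && c->uid != 0);
    return !confined || in_trusted_dir(p->dir, path);
}

/* Constructed sample data: gid 1001 is the configured group. */
static const gid_t alice_groups[] = { 100, 1001 }, bob_groups[] = { 100 };
static const struct tpe_cred alice = { 1000, alice_groups, 2 },
    bob = { 1002, bob_groups, 1 }, root = { 0, bob_groups, 1 };
static const struct tpe_policy untrusted = { TPE_GROUP_UNTRUSTED, 1001, "/usr/bin" },
    trusted = { TPE_GROUP_TRUSTED, 1001, "/usr/bin" };

int main(void)
{
    return printf("%d %d %d\n", tpe_may_exec(&untrusted, &alice, "/home/alice/x"),
        tpe_may_exec(&trusted, &alice, "/home/alice/x"),
        tpe_may_exec(&trusted, &root, "/tmp/x")) < 0;
}
```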

Get it here: linux-2.6.18-tpe_restriction (patch, 5 KB)

The patch is based on grsecurity – so credits go to Brad Spengler.

This entry was posted by ra on September 10, 2007 at 7:33pm. It is filed under Coding, English, Linux, Security.