undefined | Better HN

0 pointsjcrawfordor2y ago0 comments

The group model is far too inflexible to make this realistic... A file can only have one group, and people use more than one application. ACLs are available on Linux (although seldom used) and help to address this problem, but the ergonomics are very poor. Since ACLs don't address the issue of syscalls, IPC other than file based, etc., It hasn't really made sense to make them the focus or application isolation efforts. The kernel namespacing and capabilities features are a lot more attractive for this use and are more similar to the historic approach of chroot... But the tools still aren't great.

0 comments

atahanacar2y ago

>A file can only have one group, and people use more than one application

But users can be in multiple groups. You can have files with groups like "graphics, audio" etc. and give access to the application users by adding that user to the relevant groups.

>IPC other than file based

This isn't UNIX model though, is it?

Though I agree with you. Given the current state of programs, file permissions aren't enough for isolation.

j / k navigate · click thread line to collapse