|
|
|
|
|
|
by throwaway82652
1515 days ago
|
|
|
The capability to do something like that already exists in Linux, just nobody bothers to implement it at the application level because pledge and unveil are actually just more terrible hacks and are only really suitable for packages that are built into the system. In real syadmin-land, nobody wants to recompile applications just to change some security settings. Furthermore any of these things that are bolting more ACL or ACL-like restrictions onto Unix permissions are bound to eventually end up with the same problems as SELinux. |
|
|