

OpenBSD's tame gets a path list parameter - protomyth
http://marc.info/?l=openbsd-cvs&m=144027474117290&w=2

======
erglkjahlkh
Tame is forming up pretty nicely.

The logic here is that most of the time files of a certain type are usually in
logical locations, whereas with SELinux the logic is that types are intrinsic
properties of objects, and are saved as their metadata. The difference is
that with the latter moving the object does not change the properties (the
context comes along), while the first one might lose the properties in case
something made moving outside the intended envelope possible.

The approach taken by Tame is technically easier to implement without shooting
yourself in the foot, and is also featured in Grsecurity's RBAC
implementation. Jolly good.

The thing just is, the approach taken by SELinux with the external security
daemon can be and has been extended beyond files. Tracking the information by its
properties when it moves from files to databases, web servers, etc., is a
powerful (but extremely hard for implementors) feature. Also, administratively
the security classifications of documents are properties of the documents, not of the
storage containers they are found in.
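A toy model of the two policy styles erglkjahlkh contrasts, added here as an example; it is not from the thread, from OpenBSD's tame, or from SELinux. The in-memory filesystem, the labels and the rules are constructed, and the rename is the "moving outside the intended envelope" case the post describes:

```python
# Constructed model: path-based confinement (tame-style whitelist of
# locations a process may touch) next to label-based confinement
# (SELinux-style type stored with the object). A rename shows where the
# two diverge. Paths, labels and rules are illustrative, not real policy.
from dataclasses import dataclass, field


@dataclass
class Obj:
    label: str  # intrinsic property of the object (the SELinux view)


@dataclass
class FS:
    files: dict = field(default_factory=dict)  # path -> Obj

    def rename(self, src, dst):
        # The label travels with the object; only its location changes.
        self.files[dst] = self.files.pop(src)


def path_allows(whitelist, path):
    """tame-style decision: allowed if the path lies under a whitelisted location."""
    return any(path == w or path.startswith(w.rstrip("/") + "/") for w in whitelist)


def label_allows(readable_labels, fs, path):
    """SELinux-style decision: allowed if the object's own label is readable."""
    obj = fs.files.get(path)
    return obj is not None and obj.label in readable_labels


def scenario():
    """Return the two decisions before and after a file is moved into the served tree."""
    fs = FS({"/etc/secret.conf": Obj("secret_t"), "/var/www/index.html": Obj("web_t")})
    whitelist = ["/var/www"]      # path policy for a web server process
    readable = {"web_t"}          # label policy: the web domain may read web_t only
    before = (path_allows(whitelist, "/etc/secret.conf"),
              label_allows(readable, fs, "/etc/secret.conf"))
    # Something outside the policy moves the secret into the whitelisted tree.
    fs.rename("/etc/secret.conf", "/var/www/secret.conf")
    after = (path_allows(whitelist, "/var/www/secret.conf"),
             label_allows(readable, fs, "/var/www/secret.conf"))
    # Path-based: denied before, allowed after. Label-based: denied both times.
    return {"before": before, "after": after}
```

The path-based decision flips to allowed once the object lands under a whitelisted location, while the label-based decision stays denied because the secret_t label moved with the file.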

------
papaf
I had no idea what Tame was but this introduction helped:

[https://marc.info/?l=openbsd-tech&m=143725996614627&w=2](https://marc.info/?l=openbsd-tech&m=143725996614627&w=2)

~~~
RexRollman
Previous HN discussion:

[https://news.ycombinator.com/item?id=9909429](https://news.ycombinator.com/item?id=9909429)

------
protomyth
I like the idea of making sure my program doesn't go off the rails and become
an attack vector. It is an interesting contrast to the external mechanism
without input from the program.

------
gregwtmtno
I would love to see something similar to tame on linux. Just because linux
also has SELinux doesn't mean it can't also have tame.

I love the approach.

