
SXE - Sand-boxing

Introduction

The function of the MAC-enabled Linux kernel is to prevent processes from accessing some parts of the system, for example:

The MAC rule-set can grant such access read-only, or deny it altogether, in which case the resource is effectively invisible to the process. The MAC can also withhold kernel capabilities such as CAP_SYS_ADMIN and CAP_SYS_RAWIO, so that the privileged system calls those capabilities gate are refused.

Installed binaries are granted access to a part of the Qtopia system only if their installation package states that they require it. The policy framework identifies the type of access requested and checks that it is permitted for the package's profile.

For example, the installed components of a simple game may be authorized to access QWS graphics services, a configuration file for saving scores, and other data. The game is denied all of the system capabilities. It is not allowed to send any service requests, but it does require access to the well-known path of the QCop socket in order to make calls on the Qtopia windowing system.

The rule-sets are generated by running the application under a policy discovery tool that is provided as part of SXE and bundled with the Qtopia SDK and sources.

The untrusted application runs under a sandbox MAC rule-set which inverts the usual default: instead of "allow, unless specifically denied", the sandbox is "deny, unless specifically allowed". Any resource the rule-set does not mention is therefore unavailable to the application.

The sand-boxing provided by the MAC kernel patches and their rule-sets gives broad, low-level protection against system-level risks from flawed or malicious programs that attempt to access system resources: alteration of data or password files, harvesting of user information, and installation of root-kits are all prevented. Because the sandbox denies only what the rule-set does not grant, a rule-set produced by policy discovery should be reviewed to confirm that it grants no more than the application actually needs.
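The following is an added illustration of the two policy models described above, applied to the game example; it is not code from Qtopia, not the SXE policy file format, and not the behaviour of the MAC kernel patch. The rule syntax, the Policy class, the socket and file paths, and the request trace are all assumptions constructed for the example. It shows the three outcomes a default-deny rule-set can produce (allowed, visible but refused under a read-only provision, and invisible) next to a classic default-allow rule-set that relies on an explicit deny list.

```python
"""Toy model of a default-deny sandbox rule-set versus a default-allow one.

Added example, not Qtopia or SXE code: rule syntax, class names and the
sample paths below are assumptions made to illustrate the text.
"""
from dataclasses import dataclass, field

READ, WRITE = "read", "write"


@dataclass(frozen=True)
class FileRule:
    prefix: str        # a path, or a directory prefix, the rule covers
    modes: frozenset   # modes granted; frozenset({READ}) is a read-only provision


@dataclass
class Policy:
    default_allow: bool                     # True: classic "allow unless denied"
    rules: list = field(default_factory=list)
    capabilities: frozenset = frozenset()   # kernel capabilities the profile keeps

    def _match(self, path):
        """Longest-prefix rule covering `path`, or None if no rule mentions it."""
        best = None
        for rule in self.rules:
            p = rule.prefix.rstrip("/")
            if path == p or path.startswith(p + "/"):
                if best is None or len(rule.prefix) > len(best.prefix):
                    best = rule
        return best

    def file(self, path, mode):
        """'allow'; 'deny' (resource visible, operation refused); or 'invisible'
        (no rule covers the path and the default is deny, so to the process the
        path appears not to exist)."""
        rule = self._match(path)
        if rule is None:
            return "allow" if self.default_allow else "invisible"
        return "allow" if mode in rule.modes else "deny"

    def capability(self, cap):
        return "allow" if cap in self.capabilities else "deny"


RO = frozenset({READ})
RW = frozenset({READ, WRITE})

# Hypothetical sandbox profile for the game in the text (paths are assumptions).
QCOP_SOCKET = "/tmp/qtembedded-0/QtEmbedded-0"
GAME_SANDBOX = Policy(
    default_allow=False,
    rules=[
        FileRule(QCOP_SOCKET, RW),                                    # QWS / QCop socket
        FileRule("/home/user/Applications/game/scores.conf", RW),     # score file
        FileRule("/opt/Qtopia/packages/game/data", RO),               # levels, artwork
    ],
    capabilities=frozenset(),   # the game is denied all system capabilities
)

# Classic default-allow policy whose explicit deny list only mentions /etc/passwd.
CLASSIC = Policy(
    default_allow=True,
    rules=[FileRule("/etc/passwd", RO)],
    capabilities=frozenset({"CAP_SYS_ADMIN", "CAP_SYS_RAWIO"}),
)

# Constructed request trace for the game: (kind, target, mode).
TRACE = [
    ("file", QCOP_SOCKET, WRITE),                                   # talk to the window system
    ("file", "/home/user/Applications/game/scores.conf", WRITE),    # save a score
    ("file", "/opt/Qtopia/packages/game/data/level1.dat", READ),    # load a level
    ("file", "/opt/Qtopia/packages/game/data/level1.dat", WRITE),   # tamper with own data
    ("file", "/etc/passwd", WRITE),                                 # alter the password file
    ("file", "/etc/shadow", READ),                                  # harvest user information
    ("file", "/lib/modules/rootkit.ko", WRITE),                     # install a root-kit
    ("cap", "CAP_SYS_ADMIN", None),                                 # privileged system call
]


def evaluate(policy, trace):
    """Map each (target, mode) request in `trace` to the policy's decision."""
    decisions = {}
    for kind, target, mode in trace:
        if kind == "file":
            decisions[(target, mode)] = policy.file(target, mode)
        else:
            decisions[(target, "cap")] = policy.capability(target)
    return decisions


if __name__ == "__main__":
    for name, policy in (("sandbox (deny unless allowed)", GAME_SANDBOX),
                         ("classic (allow unless denied)", CLASSIC)):
        print(name)
        for (target, mode), verdict in evaluate(policy, TRACE).items():
            print(f"  {verdict:9s} {mode:5s} {target}")
```

Under the sandbox policy the game reaches the QCop socket and its score file, is refused write access to its own read-only data, and cannot even see /etc/shadow or /lib/modules; under the classic policy everything the deny list forgot is open.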


Copyright © 2006 Trolltech Trademarks
Qtopia 4.1.7