[Cryptography] In the latest unexpected ransomware twist ...

Jerry Leichter leichter at lrw.com
Tue Jun 15 21:08:07 EDT 2021


>> The OpenBSD ports of firefox, chrome, et al, call this in their
>> startup code, setting things up so that (among other restrictions)
>> they can't access any of the home-directories filesystem except for a
>> single designated directory (typically ~/Downloads).
>> 
>> I don't know what other Unix flavors have similar facilities.
> 
> FreeBSD has "capsicum"....
Just as a matter of historical interest: This idea goes way back. RSTS/E, a DEC operating system for PDP-11s back in the 1970s, had a "permanently drop special privileges" call. You'd run a program under a privileged account, it would do some setup that needed privileges, and then it would execute this call.

I suspect that there are earlier examples.

What's interesting is that we somehow lost this thread in Unix.  Unix had the single universal root account, and root programs were expected to "be careful."  Very much consistent with the original Unix philosophy of (a) keeping things simple and straightforward; (b) trusting the programmer.

Windows took a very different approach, but also, as far as I can recall, had no analogous mechanism.

We ended up having to rediscover (and, granted, improve on) what some of the earlier operating systems had provided decades before.

                                                        -- Jerry
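The "run privileged, do the setup, then make an irreversible drop call" sequence described above, as an added C example (not code from the thread or from any of the systems it names). It assumes POSIX setuid semantics as on Linux/BSD, and the "nobody" target account is a constructed choice; the second function is the check a practitioner wants, since a drop that only used seteuid() can be undone.

```c
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Drop to uid/gid for good. Called as root, setgid()/setuid() reset the real,
 * effective and saved ids, which is what makes this irreversible (seteuid()
 * alone keeps saved uid 0 and can be undone). Order matters: groups, then gid,
 * then uid, since an unprivileged process may no longer change its groups. */
int drop_privileges_permanently(uid_t uid, gid_t gid)
{
    if (geteuid() == 0 && setgroups(0, NULL) != 0)  /* only root may clear groups */
        return -1;
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;
    return 0;                                        /* -1 above leaves errno set */
}

/* Verify the drop held: ids must match and, unless the target is root itself,
 * an attempt to become root again must fail. On Linux an unprivileged
 * setuid(0) succeeds whenever the saved uid is still 0, so this also catches
 * a drop that forgot the saved id. Returns 1 when dropped, 0 otherwise. */
int privileges_are_dropped(uid_t uid, gid_t gid)
{
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return 0;
    if (uid != 0 && setuid(0) == 0)                  /* root came back: not permanent */
        return 0;
    return 1;
}

int main(void)
{
    /* ...privileged setup (bind a low port, open a log, ...) would go here... */
    /* Target "nobody" when root (a constructed choice), otherwise our own ids. */
    struct passwd *pw = (geteuid() == 0) ? getpwnam("nobody") : NULL;
    uid_t uid = pw ? pw->pw_uid : getuid();
    gid_t gid = pw ? pw->pw_gid : getgid();
    if (drop_privileges_permanently(uid, gid) != 0) {
        perror("drop_privileges_permanently");
        return EXIT_FAILURE;
    }
    printf("now uid=%u gid=%u, permanent=%s\n", (unsigned)uid, (unsigned)gid,
           privileges_are_dropped(uid, gid) ? "yes" : "NO");
    return EXIT_SUCCESS;
}
```

Run as root it lands in the nobody account and the check reports "yes"; run unprivileged it drops to its own ids, which is a no-op, and the check still confirms root cannot be regained.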
