Description
Every university has student assignments, tutors must correct them and
sometime they are programs. What would happen if a tutor executes a
program that has malicious code? This is the problem that we want to
solve: blocking the possibility of untrusted programs to read, edit or delete
important files on a system. Implementing and employing a mandatory
access control is an approach that does not require making big changes to
the user’s system. Using the linux security module framework, we created
our own mandatory access control thanks to the security hooks provided
by the framework. The implementation does its job, namely restricting the
permissions of processes when a rule is enforced; however there is room
for improvement and future work that needs to be done. Our solution is
specific for a specific problem, but it can be expanded and generalized for
other contexts.
|
