landlock.rst - OpenGrok cross reference for /linux-6.1.9/Documentation/userspace-api/landlock.rst

Lines Matching refs:access
7 Landlock: unprivileged access control
14 filesystem access) for a set of processes.  Because Landlock is a stackable
16 in addition to the existing system-wide access-controls. This kind of sandbox
32 file hierarchy, and the related filesystem actions are defined with `access
44 the need to be explicit about the denied-by-default access rights.
72 remove the ``LANDLOCK_ACCESS_FS_REFER`` access right which is only supported
129 for the ruleset creation, by filtering access rights according to the Landlock
133 We now have a ruleset with one rule allowing read access to ``/usr`` while
169 It is recommended setting access rights to file hierarchy leaves as much as
176 access rights per directory enables to change the location of such directory
177 without relying on the destination directory access rights (except those that
180 Having self-sufficient hierarchies also helps to tighten the required access
184 In this case, granting read-write access to ``~/tmp/``, instead of write-only
185 access, would potentially allow to move ``~/tmp/`` to a non-readable directory
188 Layers of file path access rights
197 One policy layer grants access to a file path if at least one of its rules
198 encountered on the path grants the access.  A sandboxed thread can only access
199 a file path if all its enforced policy layers grant the access as well as all
200 the other system access controls (e.g. filesystem DAC, other LSM policies,
206 Landlock enables to restrict access to file hierarchies, which means that these
207 access rights can be propagated with bind mounts (cf.
214 access when they are encountered on a path, which means that they can restrict
215 access to multiple file hierarchies at the same time, whether these hierarchies
226 then only think about file hierarchies they want to allow access to, regardless
264 handled access right explicit enables the kernel and user space to have a clear
359 restricted.  However, thanks to the `ptrace restrictions`_, access to such
387 Because Landlock targets unprivileged access controls, it needs to properly
390 restrict access to files, also implies inheritance of the ruleset restrictions
399 access right.
434 access-control and then miss useful features for such use case (e.g. no
437 `Controlling access to user namespaces <https://lwn.net/Articles/673597/>`_).