A new program stands to give data center administrators far greater control over what end users can and cannot access on a computer.
A team at Princeton University's PlanetLab global research network has developed an access control program called Vsys, and says that it has the potential to replace the widely used Unix sudo tool.
PlanetLab researcher Sapan Bhatia describes Vsys as a tool for restricting access to privileged operations. "The rapport between sudo and Vsys is like the rapport between assembly language and C, in the sense you can do everything with the former that you can with the latter," Bhatia says.
However, he notes that "Vsys contains a bunch of convenience mechanisms that if you [needed them] on a continual basis, you would have either used Vsys, or you'd end up developing something like Vsys."
The team used several other Unix tools to build Vsys, including Ptrace, a process tracer, and chroot, which defines a user's root file system. Administrators will be able to create scripts that can detail permissible user actions, while executions can be written in any programming language. Also, the executions are executable files.
From IDG News Service
View Full Article
No entries found