| Linux IPC机制安全性的研究及改进 |
| |
| 引用本文: | 陈萍,吴波,张以皓,张毓森.Linux IPC机制安全性的研究及改进[J].解放军理工大学学报,2004,5(3):17-19. |
| |
| 作者姓名: | 陈萍 吴波 张以皓 张毓森 |
| |
| 作者单位: | 解放军理工大学指挥自动化学院 江苏南京210007
(陈萍,吴波,张以皓),解放军理工大学指挥自动化学院 江苏南京210007(张毓森) |
| |
| 摘 要: | Linux支持管道和System V IPC等多种进程间通信机制,现有的进程间通信机制存在着访问控制上的缺陷,可能会让攻击者获得部分或全部的系统控制权。分析了现有Linux几种进程间通信的访问控制机制,并提出了通过实现进程间通信的强制访问制MAC(Mandatory Access Control)来提高Linux系统安全的方法。
|
| 关 键 词: | Linux 进程间通信 强制访问控制 |
| 文章编号: | 1009-3443(2004)03-0017-03 |
| 修稿时间: | 2004年2月12日 |
Research and Improvement of the Security of Linux IPC Mechanism |
| |
| CHEN Ping,WU Bo,ZHANG Yi-hao and ZHANG Yu-sen.Research and Improvement of the Security of Linux IPC Mechanism[J].Journal of PLA University of Science and Technology(Natural Science Edition),2004,5(3):17-19. |
| |
| Authors: | CHEN Ping WU Bo ZHANG Yi-hao and ZHANG Yu-sen |
| |
| Institution: | Institute of Command Automation, PLA Univ. of Sci. & Tech., Nanjing 210007, China;Institute of Command Automation, PLA Univ. of Sci. & Tech., Nanjing 210007, China;Institute of Command Automation, PLA Univ. of Sci. & Tech., Nanjing 210007, China;Institute of Command Automation, PLA Univ. of Sci. & Tech., Nanjing 210007, China |
| |
| Abstract: | There are some kinds of Inter-Process Communication (IPC) mechanism in Linux operating system, such as pipe and system V IPC. But there are some defects in the access control mechanism for IPC, which can result in attackers' getting some privileges to control the system. The paper analyses the access control in the IPC and presents methods of adding MAC mechanism to the IPC to improve the security of Linux. |
| |
| Keywords: | Linux IPC(Inter-Process Communication) MAC(Mandatory Access Control) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《解放军理工大学学报》浏览原始摘要信息 |
| 点击此处可从《解放军理工大学学报》下载免费的PDF全文 |
