Sign In

Communications of the ACM

ACM TechNews

Planetlab Creates a More Advanced Sudo

View as: Print Mobile App Share:

A new program stands to give data center administrators far greater control over what end users can and cannot access on a computer.

A team at Princeton University's PlanetLab global research network has developed an access control program called Vsys, and says that it has the potential to replace the widely used Unix sudo tool.

PlanetLab researcher Sapan Bhatia describes Vsys as a tool for restricting access to privileged operations. "The rapport between sudo and Vsys is like the rapport between assembly language and C, in the sense you can do everything with the former that you can with the latter," Bhatia says.

However, he notes that "Vsys contains a bunch of convenience mechanisms that if you [needed them] on a continual basis, you would have either used Vsys, or you'd end up developing something like Vsys."

The team used several other Unix tools to build Vsys, including Ptrace, a process tracer, and chroot, which defines a user's root file system. Administrators will be able to create scripts that can detail permissible user actions, while executions can be written in any programming language. Also, the executions are executable files.

From IDG News Service
View Full Article

Abstracts Copyright © 2011 Information Inc. External Link, Bethesda, Maryland, USA 


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account