1. Field
The present embodiments generally relate to operating systems. More specifically, the present embodiments relate to techniques for restricting privileges of processes in operating systems.
2. Related Art
Secure execution of programs in operating systems may be facilitated by granting and denying privileges on a per-process basis. In particular, minimizing the privileges a process holds may reduce the ability of attackers to exploit operating-system vulnerabilities associated with those privileges. For example, privileges associated with filesystem access, network access, and/or inter-process communication or signals may be granted or denied on an as-needed basis to one or more processes within an operating system, reducing the likelihood that vulnerabilities associated with those privileges can be exploited by attacks.
However, non-root processes in operating systems are typically incapable of dropping privileges by themselves. Instead, a system administrator typically needs to use mandatory access control (MAC) to provide a policy for limiting a process's privileges. As a result, processes are incapable of dynamically restricting privileges without administrator intervention, root access, and/or changes to the kernel.
Hence, what is needed is a technique for effectively and dynamically minimizing privileges for non-root processes in operating systems without requiring administrator intervention.