I am thinking about is that possible in any way (hardware of software) to limit a root process from accessing certain resource? I know maybe there is no existing solution, but how about a super root process? or an access restriction that only process with pid 1 can access something? or process that run on certain memory area can access something?
1 Answer
SELinux can limit even root from doing various things unless it takes on a specific role. And it can limit when root can take this specific role as well.
-
Ah.. Yes. Is there a light-weighted solution? How they do that internally– Sen YangCommented Dec 8, 2010 at 6:27
-