3 files changed, 35 insertions, 0 deletions

diff --git a/doc/.gitignore b/doc/.gitignore
new file mode 100644
index 0000000..8164e02
--- /dev/null
+++ b/doc/.gitignore
@@ -0,0 +1,3 @@
+*.log
+*.aux
+*.pdf
diff --git a/doc/Makefile b/doc/Makefile
new file mode 100644
index 0000000..47bc58b
--- /dev/null
+++ b/doc/Makefile
@@ -0,0 +1,5 @@
+.POSIX:
+
+privexec.pdf: privexec.tex
+	pdflatex privexec.tex
+	pdflatex privexec.tex
diff --git a/doc/privexec.tex b/doc/privexec.tex
new file mode 100644
index 0000000..15a5815
--- /dev/null
+++ b/doc/privexec.tex
@@ -0,0 +1,27 @@
+\documentclass{article}
+
+\title{%
+    PrivExec\\
+    \large Safe privilege elevation through responsibility separation
+}
+\author{Jakob Kaivo}
+
+\begin{document}
+\maketitle
+
+\begin{abstract}
+The discovery of exploitable bugs in critical security components such as
+\texttt{sudo} happens with alarming frequency. Complexity of the SUID binary
+plays a significant part in allowing these bugs to exist in the first place.
+This paper presents a much simpler replacement for \texttt{sudo} which
+separates the different stages of privilege elevation into separate processes,
+only the last of which is fully elevated.
+\end{abstract}
+
+\section{Complexity}
+
+\section{Use Case Reduction}
+
+\section{Responsibility Separation}
+
+\end{document}