> Each app should run in its own security context by itself. That is why
> I have all the following users in my /etc/passwd:
>
> apache nscd squid xfs ident rpc pcap nfsnobody radvd gdm named ntp
Well, wouldn't it be then logical to associate uids to capabilities, e.g. I
could have ping binary setuid to user ping which would have just the
necessary capabilities to operate?
-- Antti Salmela
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/