Re: Filesystem Capabilities in 2.6?

Bernd Eckenfels (ecki-news2002-09@lina.inka.de)
Tue, 5 Nov 2002 11:50:48 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Kees Bakker: "2.4.45 + usb uhci oopses and panics"
Previous message: Alan Cox: "Re: Linux v2.5.46 (compile error)"

In article <20021105094741.A32344@bitwizard.nl> you wrote:
> Capabilties done right, means that normal users DO have capabilities.
> Normal users have the capability to call normal syscalls like "read",
> "write" and "execve".

This is IMHO very desireable, but not part of POSIX capabilties and also
even more intrusive on the applications.

Even on Windows NT you do not have such User capabilties. With a good
namespace and ACL concept, you can get around it, most of the time.
(although a object based security is not always as good as a subject bound).

Greetings
Bernd
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Kees Bakker: "2.4.45 + usb uhci oopses and panics"
Previous message: Alan Cox: "Re: Linux v2.5.46 (compile error)"