Re: Proposal "LUID"

Alan Curry (pacman-kernel@cqc.com)
Fri, 14 Apr 2000 22:26:58 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Albert D. Cahalan: "Re: Suggested dual human/binary interface for proc/devfs"
Previous message: Albert D. Cahalan: "Re: Proposal "LUID""
In reply to: Albert D. Cahalan: "Re: Proposal "LUID""
Next in thread: Linda Walsh: "Re: Proposal "LUID""

>>> On Fri, Apr 14, 2000 at 02:43:16PM -0700, Linda Walsh wrote:
>>
>> The security level formerly known as C2 requires the system to keep a
>> "login UID"; this ID never changes, regardless of real or effective UID
>> changes, and is used to record the actual user who performed some
>> audited action. System daemons run with LUID 0, which is the only LUID
>> permitted to change its LUID; if a process has a nonzero LUID, it can
>> not change its LUID for any reason.

So if named takes a dive, I login remotely and su to root and restart it,
it's not a "system daemon" anymore? Strikes me as a useless distinction at
best.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Albert D. Cahalan: "Re: Suggested dual human/binary interface for proc/devfs"
Previous message: Albert D. Cahalan: "Re: Proposal "LUID""
In reply to: Albert D. Cahalan: "Re: Proposal "LUID""
Next in thread: Linda Walsh: "Re: Proposal "LUID""