Re: Proposal "LUID"

Linda Walsh (law@sgi.com)
Fri, 14 Apr 2000 21:18:40 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ed Carp: "Re: RE: IP masquerading Vulnerabilites"
Previous message: Alexander Viro: "Re: devfs - why not ?"
Maybe in reply to: Linda Walsh: "Proposal "LUID""
Next in thread: Linda Walsh: "Re: Proposal "LUID""

"Albert D. Cahalan" wrote:
> So you only need one system call for this. No CAP_* bit required.
>
> int sysluid(int arg){
> int old = current->luid;
> if(old) return old;
> current->luid = arg;
> return arg;
> }
>
> If login fails to set LUID then, yes, normal users can mess with it.
> This is OK because your system wasn't using it anyway.

---
	I like it, unfortunately it won't do everything I need.  1) init should start up
with LUID==-1 (it's not a valid login ID).  2)  Account 0 should be audited when
root logs in.  In the above implementation you are relying on root having privileged
status.  In a capability based system 'root' is just another user to be monitored
and may have no privilege.

-l

-- 
Linda A Walsh                    | Trust Technology, Core Linux, SGI
law@sgi.com                      | Voice: (650) 933-5338

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/






 Next message: Ed Carp: "Re: RE: IP masquerading Vulnerabilites"
 Previous message: Alexander Viro: "Re: devfs - why not ?"
 Maybe in reply to: Linda Walsh: "Proposal "LUID""

 Next in thread: Linda Walsh: "Re: Proposal "LUID""