> - Once we have file-based capabilities, we can implement that. Here, the idea I
> posted before (which was shamelessly stolen from another OS) can be used. The
> kernel boots in ``non-trusted'' mode; SUID root binaries get all capabilities. A
> process in the init scripts then switches the system into ``trusted'' mode.
> After that, SUID root binaries are treated no different anymore.
Switching into another mode of operation is just plain ugly. We can
work without that.
-- I'm email@example.com. "In my country we have almost anarchy and I don't care." Panos Katsaloulis describing me w.r.t. patents me at firstname.lastname@example.org
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to email@example.com Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:28 EST