Re: Capabilities

• Next message: ListBot Help: "Message Returned"
• Previous message: H. Peter Anvin: "Re: [patch-2.3.47] /proc/driver/microcode -> /dev/cpu/microcode"
• In reply to: Pavel Machek: "Re: Capabilities"
• Next in thread: Horst von Brand: "Re: Capabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

   Date: Tue, 22 Feb 2000 09:54:35 +0100
   From: Pavel Machek <pavel@suse.cz>

   If capabilities are not present on ISO, how are you going to install
   your system. If you don't have capabilities on NFS, how secure are
   your workstations going to be?

The capaibilities will need to be encoded into the RPM or dpkg system
--- just as the owner and mode information is currently encoded in the
package. Without support from the package managers, I doubt any system
administrators would be able to administer capabilities on a full system
without going stark raving insane.

If you're using NFS for your system binaries, your system isn't secure
by definition --- so not having capabilities on NFS is not what I would
call a loss.

                                                - Ted

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: ListBot Help: "Message Returned"
• Previous message: H. Peter Anvin: "Re: [patch-2.3.47] /proc/driver/microcode -> /dev/cpu/microcode"
• In reply to: Pavel Machek: "Re: Capabilities"
• Next in thread: Horst von Brand: "Re: Capabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:31 EST