Followup to: <20020102172448.A18153@thyrsus.com>
By author: "Eric S. Raymond" <esr@thyrsus.com>
In newsgroup: linux.dev.kernel
>
> But you're thinking like a developer, not a user. The right question
> is which approach requires the lowest level of *user* privilege to get
> the job done. Comparing world-readable /proc files versus a setuid app,
> the answer is obvious. This sort of thing is exactly what /proc is *for*.
>
BULLSHIT. The user privilege level is identical in either case (no
special privilege needed.)
The setuid app is a lower privilege level than the kernel code you're
proposing adding. Not just is it bloat, it's actually a deterioration
in the overall security of the system.
-hpa
-- <hpa@transmeta.com> at work, <hpa@zytor.com> in private! "Unix gives you enough rope to shoot yourself in the foot." http://www.zytor.com/~hpa/puzzle.txt <amsp@zytor.com> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jan 07 2002 - 21:00:28 EST