On Thu, Nov 14, 2002 at 01:40:25PM -0800, Rohit Seth wrote:
> Strictly speaking user don't have to be root. Currently the syscall
> only requires users to have root as one of the supplementary groups (and
> that is how Oracle is actually using these syscalls). And if
> CAP_IPC_LOCK (to make it coherent with fs side of the world) is what is
> preferdto provide access to hugepages then that change is simple also.
> Don't need to do any chmod.
Chmod is easier to administor (the special permissions are obvious with
a standard tool called ls), and doesn't require giving random apps root
privs (good practice still dictates that database backends should not
have root). Capabilities would work, but have yet to catch on in any
real sense and are lacking in terms of useful tools in most distributions.
-ben
-- "Do you seek knowledge in time travel?" - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Nov 15 2002 - 22:00:34 EST