Re: UID/GID mapping system

From: Søren Hansen
Date: Fri Mar 12 2004 - 10:03:13 EST

Next message: Mark_H_Johnson: "Re: [PATCH] 2.6.4-rc2-mm1: vm-split-active-lists"
Previous message: Marc Giger: "2.6.4 on Alpha uninterruptible sleep of processes"
In reply to: Jesse Pollard: "Re: UID/GID mapping system"
Next in thread: Jesse Pollard: "Re: UID/GID mapping system"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

fre, 2004-03-12 kl. 14:52 skrev Jesse Pollard:
> > Let's just for a second assume that I'm the slow one here. Why is the
> > world a less secure place after this system is incorporated into the
> > kernel?
> Because a rogue client will have access to every uid on the server.

As opposed to now when a rogue client is very well contained?

> Mapping provides a shield to protect the server.

A mapping system could provide extra security if implemented on the
server. That's true. This is, however, not what I'm trying to do. This
system is NOT a security related one (it doesn't increase nor decrease
security), but rather a convenience related one.

--
Salu2, Søren.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mark_H_Johnson: "Re: [PATCH] 2.6.4-rc2-mm1: vm-split-active-lists"
Previous message: Marc Giger: "2.6.4 on Alpha uninterruptible sleep of processes"
In reply to: Jesse Pollard: "Re: UID/GID mapping system"
Next in thread: Jesse Pollard: "Re: UID/GID mapping system"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]