Re: immutable flag on ext2fs

Alan Cox (alan@lxorguk.ukuu.org.uk)
Mon, 21 Jun 1999 22:39:46 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Richard Stallman: "Re: I discussed reading directories as files with jra, Stallman, and loic"
Previous message: Jeffrey B. Siegal: "Re: Some very thought-provoking ideas about OS architecture."
In reply to: Michael H. Warfield: "Re: immutable flag on ext2fs"
Next in thread: Wakko Warner: "Re: immutable flag on ext2fs"

> > There is a proper way to solve this. Use 2.0.37 and redefine the securelevel
> > to read from a parallel port or similar and check for a magic code. Now you
> > can wire yourself a superuser enable dongle .
>
> Care to elaborate on this a bit?

On a PC the lp data port is a single readable register normally living
on a side bus of the PCI chipset (so fast). Just read it and check it
is some specific magic value.

> adapter to do a smartcard/dongle kind of thing for some crypto work. For
> a laptop, this helps keep things like keys off the box and transportable
> Sounds like a similar idea to the parallel port idea.

Very, although its harder to check instantly in kernel. I guess you'd have
to put in code that allows key based changing of securelevel via an ioctl

> What about 2.2? I noticed that the capabilities stuff is largely
> supplanting the securelevel idea.

They are simply more fine grained. Chris Evans has found a couple of problems
with the current model but they are fixable

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Richard Stallman: "Re: I discussed reading directories as files with jra, Stallman, and loic"
Previous message: Jeffrey B. Siegal: "Re: Some very thought-provoking ideas about OS architecture."
In reply to: Michael H. Warfield: "Re: immutable flag on ext2fs"
Next in thread: Wakko Warner: "Re: immutable flag on ext2fs"