Re: Securelevel in Linux? (Was: Re: immutable flag on ext2fs)

Jonathan Walther (krooger@debian.org)
Tue, 22 Jun 1999 10:41:20 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ingo Molnar: "Re: oops if free a locked page"
Previous message: Andrea Arcangeli: "oops if free a locked page"
In reply to: Alexander Viro: "Re: FENRIS (nwfs) 1.4.2 Source Code Available,"
Next in thread: Matthew Kirkwood: "Re: Securelevel in Linux? (Was: Re: immutable flag on ext2fs)"

Whether we have true securelevels or securelevels implemented with
capabilities, its still damn handy to be able to flip between them.
Securelevels handle the majority of cases in a UNIX way. Capabilities are
cool, but they hark more of the mainframe world. Some Linux based "systems"
may be put together that use them to the full, but UNIX with a Linux kernel
will never truly use capabilities beyond a few token things. The model is
too drastically different.

Jonathan

On Tue, 22 Jun 1999, Alan Cox wrote:

> > Alan, I know we have capabilities in the kernel. Did the securelevel code
> > finally get added back in? If so this is a time for celebration. What
> > programs let an admin flip between securelevels on their linux box?
>
> You don't want securelevel if you have capabilities in right. Capabilities
> are simply fine grained securelevel
>
>
>

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: oops if free a locked page"
Previous message: Andrea Arcangeli: "oops if free a locked page"
In reply to: Alexander Viro: "Re: FENRIS (nwfs) 1.4.2 Source Code Available,"
Next in thread: Matthew Kirkwood: "Re: Securelevel in Linux? (Was: Re: immutable flag on ext2fs)"