Re: analysis: securelevels vs securebits with capabilities

Pavel Machek (pavel@bug.ucw.cz)
Wed, 23 Jun 1999 22:15:13 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: NIIBE Yutaka: "Re: PLIP"
Previous message: Pavel Machek: "Re: File Corruption Bug.. continued"
Next in thread: Ingo Molnar: "Re: redundant code in 2.3.8 buffer.c"
Reply: Ingo Molnar: "Re: redundant code in 2.3.8 buffer.c"

Hi!

> 1. file system capabilities need special patch of Andrew Morgan and
> special module - still file system drivers do not support capabilities.
> (present driver is still enough, but it keeps all capabilities in RAM - it
> has both pluses and minuses. pluses for fast access and auditing - it has
> a file in /proc, where all capabilized programs are listed, minuses - it
> uses ram :)

You can do this with elfcap, too, look at
http://atrey.karlin.mff.cuni.cz/~pavel/elfcap/elfcap.html.

Pavel

-- I'm really pavel@ucw.cz. Look at http://195.113.31.123/~pavel. Pavel Hi! I'm a .signature virus! Copy me into your ~/.signature, please!

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: NIIBE Yutaka: "Re: PLIP"
Previous message: Pavel Machek: "Re: File Corruption Bug.. continued"
Next in thread: Ingo Molnar: "Re: redundant code in 2.3.8 buffer.c"
Reply: Ingo Molnar: "Re: redundant code in 2.3.8 buffer.c"