Re: Proposal "LUID"

• Next message: Albert D. Cahalan: "Re: Suggested dual human/binary interface for proc/devfs"
• Previous message: Albert D. Cahalan: "Re: Proposal "LUID""
• In reply to: Albert D. Cahalan: "Re: Proposal "LUID""
• Next in thread: allbery@kf8nh.apk.net: "Re: Proposal "LUID""
• Reply: allbery@kf8nh.apk.net: "Re: Proposal "LUID""
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>> On Fri, Apr 14, 2000 at 02:43:16PM -0700, Linda Walsh wrote:
>>
>> The security level formerly known as C2 requires the system to keep a
>> "login UID"; this ID never changes, regardless of real or effective UID
>> changes, and is used to record the actual user who performed some
>> audited action. System daemons run with LUID 0, which is the only LUID
>> permitted to change its LUID; if a process has a nonzero LUID, it can
>> not change its LUID for any reason.

So if named takes a dive, I login remotely and su to root and restart it,
it's not a "system daemon" anymore? Strikes me as a useless distinction at
best.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Albert D. Cahalan: "Re: Suggested dual human/binary interface for proc/devfs"
• Previous message: Albert D. Cahalan: "Re: Proposal "LUID""
• In reply to: Albert D. Cahalan: "Re: Proposal "LUID""
• Next in thread: allbery@kf8nh.apk.net: "Re: Proposal "LUID""
• Reply: allbery@kf8nh.apk.net: "Re: Proposal "LUID""
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sat Apr 15 2000 - 21:00:25 EST