Re: Proposal "LUID"

From: allbery@kf8nh.apk.net
Date: Sat Apr 15 2000 - 07:26:09 EST


On 14 Apr, Linda Walsh wrote:
+-----
| "Albert D. Cahalan" wrote:
| > So you only need one system call for this. No CAP_* bit required.
| >
| > int sysluid(int arg){
| > int old = current->luid;
| > if(old) return old;
| > current->luid = arg;
| > return arg;
| > }
| >
| > If login fails to set LUID then, yes, normal users can mess with it.
| > This is OK because your system wasn't using it anyway.
| ---
| I like it, unfortunately it won't do everything I need. 1) init should start up
| with LUID==-1 (it's not a valid login ID). 2) Account 0 should be audited when
+--->8

That's my fault, I characterized luid 0 as special when it's actually
-1. (In my defense, I tend to think in terms of root not being allowed
to log in to secure systems so luid 0 should never occur.)

Make it "if(old!=-1)" and you get the correct behavior.

-- 
brandon s. allbery	   os/2,linux,solaris,perl	allbery@kf8nh.apk.net
system administrator	   kthkrb,heimdal,gnome,rt	  allbery@ece.cmu.edu
carnegie mellon / electrical and computer engineering			kf8nh
    We are Linux. Resistance is an indication that you missed the point.
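
A user-space model of the set-once call discussed in this thread, added here as an illustration; it is not code from either poster or from the kernel. `struct task`, `LUID_UNSET` and the function names are hypothetical, and the task starts at -1 as Linda Walsh asks for init.

```c
#include <stdio.h>

#define LUID_UNSET (-1)  /* per the thread: -1 is not a valid login ID */

/* Hypothetical stand-in for the kernel's per-task state (current->luid). */
struct task { int luid; };

/* Check as quoted: any non-zero value counts as "already set". */
static int sysluid_zero_sentinel(struct task *t, int arg)
{
    int old = t->luid;
    if (old) return old;
    t->luid = arg;
    return arg;
}

/* Check with the one-line change: only -1 counts as "not yet set". */
static int sysluid_unset_sentinel(struct task *t, int arg)
{
    int old = t->luid;
    if (old != LUID_UNSET) return old;
    t->luid = arg;
    return arg;
}

int main(void)
{
    struct task a = { LUID_UNSET }, b = { LUID_UNSET }, c = { LUID_UNSET };

    /* With if(old), a task starting at -1 looks already set: login cannot assign. */
    printf("if(old):     set 500 -> %d\n", sysluid_zero_sentinel(&a, 500));

    /* With if(old!=-1), the first call assigns and later calls are ignored. */
    printf("if(old!=-1): set 500 -> %d\n", sysluid_unset_sentinel(&b, 500));
    printf("if(old!=-1): set 0   -> %d\n", sysluid_unset_sentinel(&b, 0));

    /* LUID 0 is an ordinary value under the -1 sentinel: once set, it stays. */
    printf("if(old!=-1): set 0   -> %d\n", sysluid_unset_sentinel(&c, 0));
    printf("if(old!=-1): set 500 -> %d\n", sysluid_unset_sentinel(&c, 500));
    return 0;
}
```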
