On Tue, May 02, 2000 at 11:01:38AM -0700, Linda Walsh wrote:
[.. ugh, bad line wrapping, ugh <g>]
> One of the requirements for this level of 'trust' is that audit actions be
> able to be written corresponding to the appropriate 'authenticated' (as in
> they gave a "password" (literal password or other biometric)). Currently,
> none of the uid values can be guaranteed to remain constant for
> a login session. Thus the luid fix.
I'd rather see ruid "unbroken", but probably isn't possible to do this and
retain compatibility. Other than BSD style euid<->ruid swapping (which
could surely by fixed by a "local" kludge, rather a global one <g>), the
issue is su and friends. I've never been entirely happy with the Unix "become
someone else to do certain things" model; I'd much rather remain user "steved"
but "assert" or "raise" particular privileges when I was going to something
dangerous. Doesn't VMS have something like this? set proc/priv=xxx?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun May 07 2000 - 21:00:13 EST