RE: Future Linux devel. Kernels

From: Igmar Palsenberg (
Date: Tue May 09 2000 - 05:35:49 EST

> >
> > - Making sysklogd and klogd immutable
> ---
> Das ok. With mount, I can just mount over the top of them, killoff current ones, restart my
> new ones.

You can't remount the root fs while running.

> That would be horrible. I'd have anything w/pathnames in a userspace daemon -- but the
> kernel still needs to emit the event that a process w/luid=daemon and uid=root exec'ed some program.

> Then the user-land daemon handles the table of 'baddies'. Alternatively we get MAC in place. Just
> using 'Integrity: level=deamon, class=deamon" for all daemon executable files and then set the
> integrity level the same on user-land daemons. Then the OS will automatically disallow execution
> of any program not marked with the proper Integrity label. Labels can only be changed with
> CAP_MAC_OVERRIDE which wouldn't be set for userland daemons.

That means a userlevel thingy manages these thing. The 'chicken and egg'


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Please read the FAQ at

This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:13 EST