I know.
And as I pointed out, when done correctly, the _correct_ way allows the
exact same thing.
The difference being that when you do secure-levels correctly, you can use
them for other things too.
> For once Linus you are busy badmouthing something which you quite visibly
> missed the entire point of. The BSD securelevel system does a very specific
> job and does it incredibly well.
They do one job, and they do that one job well.
Earthworms do one thing, and they do one thing incredibly well. I still
consider earthworms to be fairly "intellectually challenged". I'm not
badmouthing them by calling them stupid, I'm just stating facts.
If you do securelevels the way I suggested, you will find that they do
that one job incredibly well too. But you will find that you can use them
for other things AS WELL.
For example, I would personally never be interested in using the BSD kind
of securelevels: by design the BSD securelevels would prevent me from
doing exactly the kinds of things I need to do (ie install a new kernel
and reboot, which is a very obvious security risk).
In short, to me the BSD securelevels are completely useless. Why should I
support them, when there is something that is a _superset_ of the BSD
behaviour, that I could actually find useful (ie I might well want to
limit some people from doing specific things).
Read my email again - I specifically said that if you want the bsd
behaviour you can get it with the per-process-bitmap approach. I don't
want to (I _cannot_) work in that kind of fascist setup, but it certainly
works well enough.
So tell me again: why should I not consider the BSD "one securelevel"
approach stupid, when I can point to another implementation that is not
really any more work, and obviously does a better job of it?
Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu