RE: Linux-privs
Stephan K. Zitz (zitz@erf.net)
Sun, 29 Mar 1998 15:54:20 -0600
> well, judging from lurking on their list and checking out patches
> casually, it got completed to quite a level. suser() got extended in a way
> to check for priviledge(s) required by the local kernel context. They also
> got it fairly close to TrustedSolaris. The funny thing is that with their
> scheme, a has_cap(CAP_RAWDISK) is about 3 lightweight assembly
> instructions, about the same as you get from the broken BSD 'if
> (securelevel > 0)' approach. [a has_cap(CAP_RAWDISK) expands to something
> like a 'if (current->capmask & CAP_RAWDISK)']. And if you consider that
> suser() is removed _completely_ [from that source point, it's still there
> for migration reasons], it's even a speedup ...
>
I'm curious … Why was Trusted Solaris chosen as the implementation to
"[get]…fairly close to…"?
Where is/was this list available from?
Thanks
--Stephan
zitz@erf.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu