Re: Secure-linux and standard kernel

Alan Cox (alan@lxorguk.ukuu.org.uk)
Thu, 25 Jun 1998 21:34:50 +0100 (BST)


> I retract my previous position. You are probably correct. This somewhat
> flies in the face of the traditional UNIX model of having all
> protection-related information in the inode but the benefits may outweigh
> that.

The unix model for a long time has been that

the user has a set of rights W
the mount takes away a subset X
the file system adds a subset Y
the binary drops a subset Z

So this is quite consistent - as is being able to do

mount /dev/hda /home -odrop_capabilities=raw_socket,setfsuid,...

So it seems to follow quite logically with what we have now. Right at the
moment a setuid binary basically gets to be setuid, not setuid and that's
about it. Now it can be granular.

Alan
