> Mostly true...
>
> Users can "ask" root to manage an executable.
>
> The admin could grant extended privs on a setuid-foo executable,
> even beyond what user foo would normally have.
There is a *completely* userspace solution for such things. Teach
sudo which capabilities it should leave. That's it. 'ask admin to mark
executable' == be included into sudoers with appropriate set of
capabilities. sudo allows different behaviour basing on a command, host,
user and arguments of said command. And it leaves audit trail. No need to
touch the kernel at all - tool already exists, so why reinvent the wheel?
> The kernel can not tell what privs a user should have. That info is
> stored in a file somewhere in /etc, /rsbac, or /tcb. (the kernel does
> not read your /etc/passwd or /etc/group files either)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/