minimum capabilities?

Albert D. Cahalan (acahalan@cs.uml.edu)
Sun, 11 Apr 1999 02:26:02 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David W. Hankins: "Re: Linux 2.2.5ac6"
Previous message: jumeaux lists: "Sound error: Couldn't allocate DMA buffer"
Next in thread: Horst von Brand: "Re: minimum capabilities?"
Maybe reply: Horst von Brand: "Re: minimum capabilities?"

Execution should fail when the new capabilities (after calculation) are
not enough to do everything the executable needs to do. If execution
can proceed, the user has selective control over system call failures.

I believe we currently handle this problem by not letting users drop
their own capabilities and/or by not dividing up normal user rights
into default capabilities.

Might it be better to have executables specify what they need?
(and then fail, not force the additional capabilities)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: David W. Hankins: "Re: Linux 2.2.5ac6"
Previous message: jumeaux lists: "Sound error: Couldn't allocate DMA buffer"
Next in thread: Horst von Brand: "Re: minimum capabilities?"
Maybe reply: Horst von Brand: "Re: minimum capabilities?"