Provided the executable remains unmodified (security model in OS this was
implemented on was quite different; no access to raw devices or filesystem
change times) the security info is cached. One method I see is attaching
watchdogs to privledged files to trap modifications or just flat out
prevent (+i) modifications to a privledged executable to make caching more
effective. But how many executables are you going to have with elevated
permissions anyway?
-- Robert Minichino Chief Engineer Denarius Enterprises, Inc. http://www.denarius.com/
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/