On Sun, 20 Feb 2000, Andreas Gruenbacher wrote:
> The kernel should boot up in non-trusted mode (with root and SUID root binaries
> recieving full capabilities, as it's implemented now).
>
> A simple syscall could then switch the kernel to trusted mode. Afterwards, root
> is treated as all other others.
>
> Switching to trusted mode then can easily be done in init scripts, ...
>
> Of course, there shouldn't be a way to switch back to non-trusted mode...
>
there shouldn't be any switch at any time.
Either your installation is compatible with a trust kernel or it's not.
And if it is, then by booting up in non-trusted mode you leave a small
window where the system is at risk. And hence switching to trusted mode
would be meaningless.
>
> Regards,
> Andreas
>
regards,
Paul Jakma
paul@clubi.ie
paul.jakma@compaq.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:28 EST