On 16 Apr, Alan Curry wrote:
+-----
| Linda Walsh writes the following:
| > The events can be tracked via forks/execs. When I su to another user
| >withing my current 'session', then spawn an xterminal, All I would see in the log
| >is that user "new" now has started a session. I'll see no idea that it was
| >really user "old".
|
| It really isn't user "old". su changes what user YOU REALLY ARE. That's what
| su MEANS. Substitute User. If you don't like it you can rm /bin/su. You don't
| need to bloat everybody's task_struct with this luid sillyness.
+--->8
So I infer that it is "incorrect" for Linux to qualify for CCAP/C2
security? Wonderful. Let's lock it *out* of secure markets.
(Hint: luids are required by CCAP/C2 security *standards* for
"trusted Unix". They aren't something Linux developers can rewrite to
their own tastes; Linux will not be usable in CCAP/C2-compliant
environments if the kernel doesn't track LUIDs as defined by CCAP/C2.)
-- brandon s. allbery os/2,linux,solaris,perl allbery@kf8nh.apk.net system administrator kthkrb,heimdal,gnome,rt allbery@ece.cmu.edu carnegie mellon / electrical and computer engineering kf8nh We are Linux. Resistance is an indication that you missed the point.- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Apr 23 2000 - 21:00:09 EST