Re: IMMUTABLE and APPEND-ONLY rationales

From: Horst von Brand (vonbrand@sleipnir.valparaiso.cl)
Date: Mon Jun 26 2000 - 14:12:54 EST


Derek Martin <derek@cerberus.ne.mediaone.net> said:
> Yesterday, David Ford gleaned this insight:
> > > FACT: The Linux kernel DOES NOT USE a "TWO LAYER" (root & !root) security
> > > model.

Yes and no. The kernel bits for this are mostly in place (managing
capabilities and ACLs in the filesystem is missing), almost none of the
userland stuff is done yet.

> > > Linux uses a capability system. All 'root' level
> > > privileges are divided into a capability set. There are
> > > currently 26 capability bits assigned, thus dividing root power
> > > into 67,108,863 possible access levels.

> Can you point me to where this is documented? I had no idea Linux had such
> a system...

For all intents and purposes, it hasn't (yet). Some of the fine(r) points
of how it should work are still being hammered out.

-- 
Horst von Brand                             vonbrand@sleipnir.valparaiso.cl
Casilla 9G, Vin~a del Mar, Chile                               +56 32 672616
