Re: TO HELL WITH IT THEN......(re: disk-destroyer.c)

From: Khimenko Victor (khim@sch57.msk.ru)
Date: Sat Jul 22 2000 - 10:43:30 EST


In <Pine.LNX.4.21.0007212348090.2501-100000@bodnar42.dhs.org> bodnar42@bodnar42.dhs.org (bodnar42@bodnar42.dhs.org) wrote:
> On Sat, 22 Jul 2000, Stephen Frost wrote:

>> As root you can do a lot worse things that hurt users. When the
>> kernel does *exactly* as root requests I have a hard time seeing it as being
>> flawed.
>>
> It's flawed if sanity checks aren't in place to prevent it from doing
> obviously and detectably incorrect things.

Sorry, guys. It's Microsoft's philosophy: "user is stupid and OS should not
allow him(her) to hurt himself(herself)". If you want it, you know where to find
it. Unix's philosophy is quite different. One part of Unix's philosophy is the
simple part: "Unix is a mere operating system and root is god". Now we are
splitting root rights, so it's more like "Unix is a mere operating system and
the user with the full capabilities set is god". So the only thing that CAN BE
discussed is "what capability do I need to have to fry the disk". Perhaps
CAP_SYS_ADMIN was the wrong choice and CAP_SYS_RAW should be used instead
(or do we need both?). Anything else is a paradigm shift and does NOT belong in a
quick fix (even if we need such a paradigm shift, which I doubt).
