Re: Filesystem Capabilities in 2.6?

From: Antti Salmela (asalmela@iki.fi)
Date: Mon Nov 04 2002 - 04:25:08 EST


Dax Kelson <dax@gurulabs.com> wrote:

> Each app should run in its own security context by itself. That is why
> I have all the following users in my /etc/passwd:
>
> apache nscd squid xfs ident rpc pcap nfsnobody radvd gdm named ntp

Well, wouldn't it then be logical to associate uids with capabilities, e.g. I
could have the ping binary setuid to a user ping which would have just the
necessary capabilities to operate?

-- 
Antti Salmela

This archive was generated by hypermail 2b29 : Thu Nov 07 2002 - 22:00:32 EST