Re: [patch] mlock-as-nonroot revisted

From: William Lee Irwin III
Date: Tue Aug 03 2004 - 20:57:49 EST

Next message: Benjamin Herrenschmidt: "Re: Exposing ROM's though sysfs"
Previous message: Andrea Arcangeli: "Re: [patch] mlock-as-nonroot revisted"
In reply to: Gerrit Huizenga: "Re: [patch] mlock-as-nonroot revisted"
Next in thread: Arjan van de Ven: "Re: [patch] mlock-as-nonroot revisted"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 03 Aug 2004 21:22:45 EDT, Rik van Riel wrote:
>> OK. Do any of those do the "root chowns an unnamed
>> hugetlbfs file" scenario ? ;)

On Tue, Aug 03, 2004 at 06:37:02PM -0700, Gerrit Huizenga wrote:
> Badari will probably know the access method for DB2 better than
> I do. I know they go quite out of their way to avoid having
> root permissions at any point in time. How they accomplish this
> in the current source base, I don't know. They were using
> capabilities for things like this for a while.

IIRC the program launcher acquires the capabilities prior to dropping
root privileges and acquires the shm segment prior to exec.

-- wli
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Benjamin Herrenschmidt: "Re: Exposing ROM's though sysfs"
Previous message: Andrea Arcangeli: "Re: [patch] mlock-as-nonroot revisted"
In reply to: Gerrit Huizenga: "Re: [patch] mlock-as-nonroot revisted"
Next in thread: Arjan van de Ven: "Re: [patch] mlock-as-nonroot revisted"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]