Re: Bugs in sysctl.c

Andrew G. Morgan (morgan@parc.power.net)
Mon, 11 Aug 1997 15:53:51 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Michael Marxmeier: "async sockets and select()"
Previous message: Jim Pick: "Re: Ext2fs getting hosed by fsck"

Aaron Tiensivu wrote:
> > It seems that securelevel is completely shafted. For a start, the
> > permissions that /proc/sys/kernel/securelevel are registered with are
> > incorrect (0444, should be 0644 to allow root write access) Trivial patch
> > => not included here :-)
>
> As far as I remember, securelevel is a concept that was never really
> fully realized. It might be beneficial to comment out the code until the
> full-blown version of it is completed. (I'm not sure if someone is
> actively working on it or not).
>
> But it might be confusing to some people that hope that changing the
> secure level would really make their system more secure.

As noted by Chris, the secure-level got redefined for linux-privs to be a
bitmap (if I remember correctly this was done by Zefram). A bit was then
used to switch between POSIX 6 (aka. .1e) privileges (capabilities) and
normal root-omnipotence.

Cheers

Andrew

-- 
               Linux-PAM, libpwdb, Orange-Linux and Linux-GSS
                  http://parc.power.net/morgan/index.html

Next message: Michael Marxmeier: "async sockets and select()"
Previous message: Jim Pick: "Re: Ext2fs getting hosed by fsck"