So you don't use them. According to the figures there are about 5,999,999
other Linux users however some of whom probably wish they had better
security.
> In short, to me the BSD securelevels are completely useless. Why should I
> support them, when there is something that is a _superset_ of the BSD
> behaviour, that I could actually find useful (ie I might well want to
> limit some people from doing specific things).
Tell me Linus, you don't have a 3c509 ethernet card, why don't you just
delete all the drivers ? ie - I don't see your argument.
> So tell me again: why should I not consider the BSD "one securelevel"
> approach stupid, when I can point to another implementation that is not
> really any more work, and obviously does a better job of it?
And tell me how if you inherit securelevels you prove that every process
is subject to the desired restraints. Do you walk the process tree removing
bits from each process. We could do it that way I guess. It would cost
4 bytes per process, take a lot longer to set the values and do the same thing.
Btw: you ought to fix the /tmp race in make config one of these years, its
so old its been reported as a new discovery twice on bugtraq now.
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu