[...]
> OK, but there won't be such system call. The goal of this is to set an
> array of 500 possible users that could be root (including 0). This would
> mean that an exploit would have to try many uids before getting somewhere,
> and if root is paranoid, he can change his ID 5 times a day. Then the
> exploits would only work for a fairly short time.
Exploits usually work by taking over an pivileged process, so this won't
help a bit. Or they work by cracking root's password in some way, and
loging in normally. Your scheme won't protect against any of those.
-- Horst von Brand vonbrand@sleipnir.valparaiso.cl Casilla 9G, Viņa del Mar, Chile +56 32 672616- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/