Jan Harkes wrote:
> The problem I see with LUIDs, which PAGs avoid is that with a user-id is
> is impossible to distinguish applications that were started by a user
> logging in at different times, or in multiple simultaneous sessions.
> i.e. a valid user who logging in from the console compared to a user who
> just managed to start a compromised shell by hacking some daemon.
--- Accounting could be configured to record 'exec's, ppid and pid so a chain of actions taken by a given login session could be traced.I'm not sure I see a benefit in this adding a new counter. Seems like this would just invite someone to loop on calling newpag. Wouldn't that generate alot of "paperwork" (ok, computer running through loops after loops in a log to reconstruct a user path). Yes they could do the same think with a 'fork' loop, but that's already a problem. I just don't think the PAG solution solves anything.
-l
-- Linda A Walsh | Trust Technology, Core Linux, SGI law@sgi.com | Voice: (650) 933-5338
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Apr 23 2000 - 21:00:08 EST