In <Pine.LNX.4.10.10007221215000.5294-100000@dax.joh.cam.ac.uk> James Sutherland (jas88@cam.ac.uk) wrote:
> On Sat, 22 Jul 2000, David Luyer wrote:
>>
>> > Think about this: there are situations where root *MUST* be subject to
>> > various restrictions (via capabilities, immutable files, etc). If root is
>> > able to talk directly to the hardware, these restrictions become
>> > unenforcable - security just went out of the window. This is unacceptable:
>> > Linux must not do it. (Or rather, it must be possible to prevent Linux
>> > doing it.)
>>
>> Root can only talk directly to the hardware when given appropriate
>> capabilities - CAP_RAW_IO I believe.
> Nope. Capabilities mean SFA to root ATM: root can just bypass them all.
PLEASE stop talking about somthing you do not know. If you removed capability
FROM SYSTEM via /proc/sys/kernel/cap-bound then there are NO way to return it
back (ok, you can return it back via special kernel module or via /dev/kmem
but it's also need some capabilities :-)
> Not a very useful `feature', but hard to remove I suspect.
It IS removed. Already. In late 2.2 kernels and 2.4 kernel.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:19 EST