Re: Some applications for securelevel

Raul Miller (rdm@tad.micro.umn.edu)
Tue, 13 Feb 96 12:07 EST

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Bryn Paul Arnold Jones: "Re: Vger spews quoted printable!"
Previous message: Michael Stiller: "Re: 1.6.32 make problems"

Andreas Kostyrka:
Yes, I know. I brought the argument only to show, that every
security related program will have to be patched for POSIX.6, and
not as some told us, be fixed auto-magically by priv-revoking via
allowed. But ok, then some programs will hav to be fixed, and
hopefully the patches will make it fast into the main
distributions.

Presumably, the programs will not have POSIX.6 privs granted to them,
in distributions, if they've not been upgraded to deal with those
privs.

However, distributions ought to provide systems which are reasonably
secure under any of the kernel configurations made possible by this
project (root priv, root priv + posix.6, posix.6 alone). [Thus, my
blathering...]

It will be interesting to see how much ground the final posix standard
covers. So far, I've no clue what the command line interface is going
to be like. Most likely posix.6 privs would be lost by the current
suite of backup/restore tools (except raw device copies -- I'm
thinking tar/cpio/etc.). Most certainly you wil need at least one
additional executable on your audit tools disk.

-- 
Raul

Next message: Bryn Paul Arnold Jones: "Re: Vger spews quoted printable!"
Previous message: Michael Stiller: "Re: 1.6.32 make problems"