> Some sort of security daemon could load user limits into the kernel
> as each UID is first used. The kernel could dispose of the per-UID
> information as soon as the count of processes with a particular UID
> reaches zero. Those system admins that don't need detailed user
> control could just skip the daemon, which would make the kernel use
> defaults. (something hacked info/from kerneld?)
>
> There may be more uses than just user limits.
Why don't you just implement a security model like MVS, whereby the
kernel asks some central security daemon whether it should complete a
function call or not. This has already been mentioned on the list. I am
sure that ex-mainframers taking a look at Linux would fall in love with
something like this. ;) People who don't want this model get the usual
Unix semantics.
-- William Burrow -- Fredericton Area Network, New Brunswick, Canada Copyright 1996 William Burrow Canada's federal regulator says it may regulate content on the Internet to provide for more Canadian content. (Ottawa Citizen 15 Nov 96 D15)