Re: inheritable set [was Re: caps in elf headers: use the sticky

Theodore Y. Ts'o (tytso@mit.edu)
Wed, 21 Apr 1999 21:13:15 -0400 (EDT)


Date: Wed, 21 Apr 1999 19:33:48 -0400 (EDT)
From: Alexander Viro <viro@math.psu.edu>
Great. Except that you broke sudo, gave special attributes to half
of fileutils, broke perl scripts running from crontab (unless you bestow
full-caps on perl, or, better yet, keep a copy for each possible
combination of caps). With all due respect, is this proposal backed by
a single *working* system or is it a committee-designed OSIesque? In other
words, is it a codification of existing practice (on some research system,
whatever)? It may be a low blow, but... do you remember the late OSI/ISO?
If you can show the existing implementation - my thanks and apologies.

How about Trusted Solaris and Trusted HPUX? I think there is an AIX
implementation of capabilities, but I'm not sure about this. The
various company's Trusted Unix systems were mostly compatible, but
unfortunately, not quite; that's why there was a push to try to
standardize caoabukutues within POSIX in the first place.

HP has in particular pushed Trusted HPUX as an OS of choice for really
paranoid companies for web servers connected both inside and outside the
company's firewall (which might be needed for certain kinds business
applications where a publicly accessible web server has to be connected
to databases located behind the company's firewall, for example).

- Ted

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/