On Thu, 31 May 2001, Casey Schaufler wrote:

> Chris Wright wrote:
>
> > The problem is that
> > capabilities is fundamentally about overriding restrictions (at least that's
> > my read of the P1003.1e draft).
> >
> This is correct. The Capabilities of P1003.1e are intended
> to be explicit permissions to override system security policy.
> They were designed with the goal of breaking up the Superuser.
> They were also designed to provide clarity on what the base
> P1003.1 spec meant when it said "appropriate privilege".
> The capability specification reflects in many ways the
> policy which can be gleaned from the P1003.1 spec, including
> the list of required capabilities.

But what if we want our security policy to be completely pervasive? That is, what if root (or superuser, etc.) should be explicitly denied from certain tasks? Capabilities doesn't allow for this at all.