* jmjonesat_private (jmjonesat_private) wrote: > > Wouldn't it be useful for a userspace application that is > setuid root to be able to bypass the module's checks. > Isn't setuid ROOT generally assumed to be a "non-restricted" > condition? Well, this is a policy choice. In the case of the capability module, for example, setuid root does basically give you an unconstrained process. > How does the new paradigm change that, specifically, and > why SHOULD it do that? The new paradigm allows you to know when a setuid program is being executed and make any policy choice you want about the credentials of the program. if (full_moon && setuid) grant_full_priveleges; or whatever the policy may be ;-) thanks, -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jan 24 2002 - 13:05:23 PST