Hello, FYI, LIDS use the following solution when shutdown, you can enter "SHUTDOWN" state which will apply only the "shutdown" ACL, in the shutdown ACL, you can * disable dangerous capability * let some needed programs to get that capability, for example, you can disable "CAP_NET_ADMIN", and make the shutdown network script to gain that capability. in this case, you can define a lest privilege acl when "shutdown". hope this help, Huagang On Mon, Aug 18, 2003 at 12:41:42PM -0700, Michael Halcrow wrote: .... -- LIDS secure linux kernel http://www.lids.org/ 1024D/B6EFB028 4731 2BF7 7735 4DBD 3771 4E24 B53B B60A B6EF B028
This archive was generated by hypermail 2b30 : Wed Aug 20 2003 - 00:14:32 PDT