Subject: Re: [linux-audio-dev] Re: linux-audio-dev Digest, Vol 2, Issue 24
From: Jack O'Quin (joq_AT_io.com)
Date: Wed Nov 19 2003 - 01:52:21 EET
Melanie <melanie_AT_t-data.com> writes:
> On 2003.11.19 00:00 Paul Davis wrote:
> > i don't think they want them even compiled into the kernel. think
> > about it: the security model they present is very complex, and very
> > distributed through the entire kernel. i don't think anyone could say
> > with complete confidence that even if you do not use the cmdline arg
> > that the presence of capabilities support does not pose a security issue.
>
> Well, capabilities are _always_ compiled into the kernel. The only
> thing changed to enable them are two static data values, specifically
> the ones used to start init with. This happens in one place and one
> place only. Instead of #defines, these could be globals. Of course
> they would need to be set before init is run, so a kernel command line
> parameter is the only place it can be done easily.
This is true. It would be easy to change and only affects two values.
But, if you consider the situation of servers running in a colocate
environment, many sysadmins would want to prevent even people with
physical access to the machine from being able to change their
security model so drastically.
-- joq
This archive was generated by hypermail 2b28 : Wed Nov 19 2003 - 01:51:26 EET