On Mon, 22.06.09 23:35, Jörn Nettingsmeier (nettings@email-addr-hidden-hochschule.de) wrote:
> Lennart Poettering wrote:
> > On Mon, 22.06.09 09:33, Arnold Krille (arnold@email-addr-hidden) wrote:
> >
> >
> > You practically cannot take group membership away from a user after
> > you gave it to him, and also adding a seperate group for every tiny
> > bit you need to authorize access to doesn't scale.
>
> security is a matter of good design, not of "oh, look, he has become
> evil, let's revoke his privileges" ad-hockery.
Gah. You are so annoying.
rtkit includes the watchdog only as additional a-posteriori security
measure. The focus is clearly on a-priori security measures, i.e. not
handing out RT sched in a way that could be misused in the first place.
This is explicitly stressed in the README. Did you bother to read
that? No of course not.
Lennart
-- Lennart Poettering Red Hat, Inc. lennart [at] poettering [dot] net http://0pointer.net/lennart/ GnuPG 0x1A015CC4 _______________________________________________ Linux-audio-dev mailing list Linux-audio-dev@email-addr-hidden http://lists.linuxaudio.org/mailman/listinfo/linux-audio-devReceived on Tue Jun 23 04:15:03 2009
This archive was generated by hypermail 2.1.8 : Tue Jun 23 2009 - 04:15:03 EEST