[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Design principles and ethics

From: Marcus Brinkmann
Subject: Re: Design principles and ethics
Date: Mon, 01 May 2006 00:38:25 +0200
User-agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.7 (Sanjō) APEL/10.6 Emacs/21.4 (i486-pc-linux-gnu) MULE/5.0 (SAKAKI)

At Sun, 30 Apr 2006 18:13:42 -0400,
"Jonathan S. Shapiro" <address@hidden> wrote:
> On Sun, 2006-04-30 at 21:24 +0200, Tom Bachmann wrote:
> > My _theory_ is that all suid applications are either unnecessary or can
> > be redesigned in a way similar to /sbin/passwd.
> It remains to be determined whether this redesign actually works....

Depends on what redesign you are talking about.  The first
approximation definitely works: Run suid programs as system services
which are advertised to the user via capabilities.

This is in fact much closer to the Unix way of doing suid
instantiation than the constructor mechanism (as it is normally used),
because in Unix the program runs unconfined on _durable_ resources.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]