Re: syscall: sys_promote

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Alan Cox wrote:

On Gwe, 2005-08-26 at 19:02 +0800, Coywolf Qi Hunt wrote:
3) admins can `promote' a suspect process instead of killing it.

Is it also generally useful in practice?  Thoughts?

The locking is wrong. At the moment the entire kernel assumes that a
process uid is not changed by anyone else. After you've implemented uid
locking/refcounting for tasks you can add the syscall but until then its
not a good idea. I don't think its a good idea anyway - selinux can do
far more useful things.


Indeed. "Also it's not obvious that locking can be done right (or that anybody cares). " We can ignore it safely. sys_promote is a different approach from selinux. sys_promote is to let sysadmin manually manipulate a running process,
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]
  Powered by Linux