--- Joshua Brindle <[email protected]> wrote:
> capabilities are so course grained I just can't see
> anyone ever using them.
The granularity of the capabilities in the POSIX
DRAFT is targeted at the security policy enforced
by the POSIX P1003.1 interface standard. Anywhere
that P1003.1 says "appropriate privilege" P1003.1e
identifies what that privilege ought to be. The
capability specification also addresses the audit,
MAC and INF portions of P1003.1e. Interfaces
that were outside the scope of P1003.1 at the
time (including, alas, sockets and SVIPC) could
not be included in P1003.1e by rule. Devices
and filesystems, where most of the granularity
issues arise, were excluded.
The 1e DRAFT specifies a granularity that is
appropriate to the kernel and the policies that
the kernel enforces. This is because the
capability mechanism is supposed to be a kernel
protection scheme for kernel objects.
It does not enforce a granularity that is
appropriate to a python based web interface
for financial management systems. That is an
application issue that is much better suited
to application controls like RBAC.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Video 4 Linux]
[Linux for the blind]