From: "Kaladis" <kaladis@gmx.de>
Subject: RE: Planning v1.2.0 - update2
Date: Thu, 2 Aug 2001 15:57:46 +0200
Next Article (by Author): RE: RSBAC based distribution. ALT Linux Castle beta 3. "Kaladis"
Previous Article (by Author): RE: Planning v1.2.0 - update2 "Kaladis"
Top of Thread: Planning v1.2.0 - update2 Amon Ott
Articles sorted by: [Date]
[Author]
[Subject]
Giving a program capabilities ain't that good... I'd rather prefer giving one particular user the capabilities for one particular file. In this case I think RC would be the way to go - Jörg Lübbert -----Original Message----- From: owner-rsbac@compuniverse.de [mailto:owner-rsbac@compuniverse.de]On Behalf Of Amon Ott Sent: Thursday, August 02, 2001 9:43 AM To: RSBAC List Subject: Re: Planning v1.2.0 - update2 On Mit, 01 Aug 2001 Arkady A Drovosekov wrote: > On Wed, Aug 01, 2001 at 10:15:21AM +0200, Amon Ott wrote: > > - Real network access control as descibed in previous mails, with > > socket-template and socket objects > what do you think about capabilities to bind to the ports < 1024 for non-root programs? OK, since there seems to be a demand for some capability support, I will think about how to add it. It will probably be some file or RC role attribute 'force caps', with a vector of desired caps. What would you prefer, a general, program file based solution in a separate module (controlled by all modules like AUTH), or an RC role based one? Amon. - To unsubscribe from the rsbac list, send a mail to majordomo@rsbac.org with unsubscribe rsbac as single line in the body. - To unsubscribe from the rsbac list, send a mail to majordomo@rsbac.org with unsubscribe rsbac as single line in the body.
Next Article (by Author): RE: RSBAC based distribution. ALT Linux Castle beta 3. "Kaladis"
Previous Article (by Author): RE: Planning v1.2.0 - update2 "Kaladis"
Top of Thread: Planning v1.2.0 - update2 Amon Ott
Articles sorted by: [Date]
[Author]
[Subject]