--- Tetsuo Handa <[EMAIL PROTECTED]> wrote: > Hello. > > Casey Schaufler wrote: > > Fine grained capabilities are a bonus, and there are lots of > > people who think that it would be really nifty if there were a > > separate capability for each "if" in the kernel. I personally > > don't see need for more than about 20. That is a matter of taste. > > DG/UX ended up with 330 and I say that's too many. > > TOMOYO Linux has own (non-POSIX) capability that can support 65536 > capabilities > if there *were* a separate capability for each "if" in the kernel. > http://svn.sourceforge.jp/cgi-bin/viewcvs.cgi/trunk/2.1.x/tomoyo-lsm/patches/tomoyo-capability.diff?root=tomoyo&view=markup > > The reason I don't use POSIX capability is that the maximum types are limited > to > bitwidth of a variable (i.e. currently 32, or are we going to extend it to > 64). > This leads to abuse of CAP_SYS_ADMIN capability.
That is a matter of taste. > In other words, it makes fine-grained privilege division impossible. I personally believe that a finer granularity than about 20 is too fine. I understand that this is a minority opinion. Casey Schaufler [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html