Subject: Re: [PATCH] [request for inclusion] Realtime LSM
From: Alan Cox <alan@lxorguk.ukuu.org.uk>
To: Matt Mackall <mpm@selenic.com>
Cc: Andrew Morton <akpm@osdl.org>, ast@domdv.de, rlrevell@joe-job.com,
       Linux Kernel Mailing List <linux-kernel@vger.kernel.org>, mingo@elte.hu,
       joq@io.com
In-Reply-To: <20050107011309.GB2995@waste.org>
References: <1104374603.9732.32.camel@krustophenia.net>
	 <20050103140359.GA19976@infradead.org>
	 <1104862614.8255.1.camel@krustophenia.net>
	 <20050104182010.GA15254@infradead.org>
	 <1104865034.8346.4.camel@krustophenia.net> <41DB4476.8080400@domdv.de>
	 <1104898693.24187.162.camel@localhost.localdomain>
	 <20050104215010.7f32590e.akpm@osdl.org>
	 <20050105120601.GA8730@mail.13thfloor.at> <20050107011309.GB2995@waste.org>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Message-Id: <1105062723.17166.319.camel@localhost.localdomain>
Mime-Version: 1.0
Date: Fri, 07 Jan 2005 01:55:09 +0000
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 677
Lines: 15

On Gwe, 2005-01-07 at 01:13, Matt Mackall wrote:
> You can't fix them without changing the semantics for existing users
> in ways they didn't expect. It could be done with a new personality flag,
> but..

I disagree. At the most trivial you could just add another 32bits of
sticky capability that are never touched by setuid/non-setuidness and
represent additional "user" (or more rightly session) abilities to do
limited overrides

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/