> > It seems that in order to take full advantage of capabilities, files should
> > not be owned by root. Files should be owned by a non-login user (e.g. bin).
>
> That would not be a logical step. Right now programs such as rlogin, ssh,
> NFS etc make sure that you cannot login as root or that root rights
> get smashed. If your box is cracked somehow, it often is the case that
> people can get any userid they like _except_ root. If the system binaries
> are owned by a non-root uid, that will lower security quite significantly.
Why can't those programs be enhanced to protect the `bin' user? Anyway, all those protections were designed with the traditional security scheme in mind. So yes, this is a real problem, and these utilities should be changed. Sooner or later we'll need to address all this. I can't see why we don't start now.
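The disagreement above is about which uid may own privileged binaries (setuid/setgid bits or file capabilities). Whichever way that policy goes, an administrator wants to be able to check that the installed system actually follows it. The following audit script is an added example, not code from either poster or from any kernel or distribution: it flags privileged files whose owner is outside a configurable trusted set (root only by default, or root plus a `bin`-style uid if that is the chosen policy). The file records in the sample are constructed, and the uid chosen for `bin` (1) is an assumption; `scan_tree` walks a real directory and is Linux-specific because it reads the `security.capability` extended attribute.

```python
import os
import stat
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Constructed assumption: uid 0 is root, uid 1 stands in for a non-login "bin" user.
ROOT_UID = 0
BIN_UID = 1


@dataclass
class FileRecord:
    path: str
    owner_uid: int
    mode: int          # st_mode permission/type bits
    has_caps: bool     # True if the security.capability xattr is present


def is_privileged(rec: FileRecord) -> bool:
    """A file is privileged if it is setuid/setgid or carries file capabilities."""
    setid = bool(rec.mode & (stat.S_ISUID | stat.S_ISGID))
    return setid or rec.has_caps


def audit(records: Iterable[FileRecord], trusted_uids=(ROOT_UID,)) -> List[str]:
    """Return paths of privileged files not owned by one of trusted_uids.

    With the default trusted set this implements the first poster's position
    (only root may own privileged binaries); passing (ROOT_UID, BIN_UID)
    implements the alternative policy discussed in the thread.
    """
    return sorted(r.path for r in records
                  if is_privileged(r) and r.owner_uid not in trusted_uids)


def _has_file_caps(path: str) -> bool:
    # Linux-only: os.getxattr raises OSError when the xattr is absent or unsupported.
    try:
        os.getxattr(path, "security.capability", follow_symlinks=False)
        return True
    except OSError:
        return False


def scan_tree(root: str) -> List[FileRecord]:
    """Build FileRecords for every regular file below root (real filesystem walk)."""
    out = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = os.path.join(dirpath, name)
            st = os.lstat(p)
            if not stat.S_ISREG(st.st_mode):
                continue
            out.append(FileRecord(p, st.st_uid, st.st_mode, _has_file_caps(p)))
    return out


# Constructed sample inventory for offline use.
SAMPLE = [
    FileRecord("/usr/bin/passwd", ROOT_UID, stat.S_IFREG | 0o4755, False),  # root setuid: fine
    FileRecord("/usr/bin/ping",   ROOT_UID, stat.S_IFREG | 0o755, True),    # root + caps: fine
    FileRecord("/usr/bin/rlogin", BIN_UID,  stat.S_IFREG | 0o755, True),    # bin + caps: flagged
    FileRecord("/usr/bin/at",     BIN_UID,  stat.S_IFREG | 0o2755, False),  # bin setgid: flagged
    FileRecord("/usr/bin/ls",     BIN_UID,  stat.S_IFREG | 0o755, False),   # not privileged
]


def sample_findings_root_only() -> List[str]:
    return audit(SAMPLE)


def sample_findings_root_and_bin() -> List[str]:
    return audit(SAMPLE, trusted_uids=(ROOT_UID, BIN_UID))


if __name__ == "__main__":
    print("root-only policy:", sample_findings_root_only())
    print("root+bin policy:", sample_findings_root_and_bin())
```

Running the script on the constructed inventory reports `/usr/bin/at` and `/usr/bin/rlogin` under the root-only policy and nothing under the root-plus-bin policy; `audit(scan_tree("/usr/bin"))` applies the same check to a live Linux system.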