On Friday, April 8, 2016 5:14:42 PM CEST, M. J. Everitt wrote:
On 08/04/16 16:02, Rich Freeman wrote:
The only mandatory component in a linux system, by definition, is the
Linux kernel.
A linux system could consist of nothing but a kernel with
init=/usr/local/bin/hello-world.
Most traditional linux distros are going to run policykit though. Of ...
Being serious though, and playing Devil's Advocate of course, assuming
you have no use for a desktop manager, etc, hence no need for dbus or
it's 'friends' and policykit or it's pals, and you're not a "systemd
fan" etc .. how are we granting the correct permissions for binaries ..
just relying now on the owner and execute bits being set perfectly for
each binary, assuming everything is arbitrarily moved to /xbin ...
owner and x bit is not a security measure at all: if you need +x, you just
compile your own in ~ that you'll own. what is a security measure is kernel
refusing to give you access to ressources so that your binary does what it
is supposed to (either standard kernel or more complex things like grsec)
