John Summerfield said once upon a time (Thu, 23 Nov 2000):
> A better system (and it's been around for 20 years or so that I know of)
> requires no changes to programs to secure them; the can even be on public view.
>
> The security manager would issue a command that goes something like this:
> grant user(tony) program(usr/sbin/pppd) access(exec);
>
> and Tony could use pppd, but can't read it, copy it or do anything to see
> what's in it.
>
> There would also have been something like this:
> grant program(/usr/sbin/pppd) device(/dev/ttyS?) access (read write);
>
> Tony can't use the serial ports (unless there's a separate rule for him to do
> so), but pppd can.
>
> Note I made up the syntax on the spot; I think the intention's clear.
>
> Programs and other resources are secured because the security manager says so;
> programs do not need to have any hooks in them to enable security control.
You are describing ACLs. The ACL patch for the Linux is well maintained.
Go crazy....
http://acl.bestbits.at/
Dax
_______________________________________________
Redhat-devel-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-devel-list
