Subject: Re: kern.showallprocs implementation
To: Hubert Feyrer <hubert@feyrer.de>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-kern
Date: 08/30/2005 11:30:35
--wchHw8dVAp53YPj8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Aug 30, 2005 at 08:20:43PM +0200, Hubert Feyrer wrote:
> On Tue, 30 Aug 2005, Bill Studenmund wrote:
> >Well, what other suggestions do we have?
>=20
> Open up a seperate namespace?

Oh, I was hoping to restrict suggestions to what other suggestions do we=20
have for a name for this space for these features now. :-)

> It seems Solaris did that, skimming through privileges(5) and rbac(5).
> Of course a "full" implementation would also have all this on a=20
> per-process basis, not global. So that you can e.g. restrict only=20
> processes in one chroot.

I think something like that would be fine. It would be a separate=20
discussion, but a good one.

And if we went with the Solaris model, I think it should have its own=20
security.something namespace. :-)

Take care,

Bill

--wchHw8dVAp53YPj8
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)

iD8DBQFDFKXLWz+3JHUci9cRAorHAJkBBC82HtNfDvBerahDfsMiUC1SdQCfZoln
+ENhXlOne0d2pm09JspUOg4=
=mjLt
-----END PGP SIGNATURE-----

--wchHw8dVAp53YPj8--