Subject: Re: kern.showallprocs implementation
To: Hubert Feyrer <hubert@feyrer.de>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-kern
Date: 08/30/2005 11:30:35
--wchHw8dVAp53YPj8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Aug 30, 2005 at 08:20:43PM +0200, Hubert Feyrer wrote:
> On Tue, 30 Aug 2005, Bill Studenmund wrote:
> >Well, what other suggestions do we have?
>=20
> Open up a seperate namespace?
Oh, I was hoping to restrict suggestions to what other suggestions do we=20
have for a name for this space for these features now. :-)
> It seems Solaris did that, skimming through privileges(5) and rbac(5).
> Of course a "full" implementation would also have all this on a=20
> per-process basis, not global. So that you can e.g. restrict only=20
> processes in one chroot.
I think something like that would be fine. It would be a separate=20
discussion, but a good one.
And if we went with the Solaris model, I think it should have its own=20
security.something namespace. :-)
Take care,
Bill
--wchHw8dVAp53YPj8
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)
iD8DBQFDFKXLWz+3JHUci9cRAorHAJkBBC82HtNfDvBerahDfsMiUC1SdQCfZoln
+ENhXlOne0d2pm09JspUOg4=
=mjLt
-----END PGP SIGNATURE-----
--wchHw8dVAp53YPj8--