[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Ssystem & non root



> KK>Of course. Why user processes are supposed to be interested in these
> KK>settings?
> Why not?
> It doesn't affect security and you can never know what this might be good
> for.
> I think you should never restrict more than neccessary (and not less)

Well you're generally right. But please tell me, how can user process
be interested in settings like SECURELEVEL or TSLICE? And what for? 

For some reason I'd like to keep at least SECURELEVEL secret (i.e. root 
only readable). User (esp. remote user) shouldn't have a chance to know
what security level is currently active.

I think you should never reveal more than it makes sense.

--
Konrad M.Kokoszkiewicz
|mail: draco@mi.com.pl                  | Atari Falcon030/TT030/65XE |
|http://www.orient.uw.edu.pl/~conradus/

** Ea natura multitudinis est,
** aut servit humiliter, aut superbe dominatur (Liv. XXIV,25)
*************************************************************
** U pospolstwa normalne jest, ze albo sluzy ono unizenie,
** albo bezczelnie sie panoszy.