From: "Mohammad A. Haque" <mhaque@haque.net>
To: imel96@trustix.co.id
Cc: "Albert D. Cahalan" <acahalan@cs.uml.edu>,
"Richard B. Johnson" <root@chaos.analogic.com>,
Alexander Viro <viro@math.psu.edu>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] Single user linux
Date: Wed, 25 Apr 2001 09:41:58 -0400 [thread overview]
Message-ID: <3AE6D427.F0C469D4@haque.net> (raw)
In-Reply-To: <20010425120319Z135634-682+3531@vger.kernel.org>
imel96@trustix.co.id wrote:
> for those who didn't read that patch, i #define capable(),
> suser(), and fsuser() to 1. the implication is all users
> will have root capabilities.
And this is better than just having the system auto-login as root because......?
>
> then i tried to bring up the single user thing to hear
> opinions (not flames). and by that, i actually didn't mean
> to have users share the same uid/gid 0. i know somebody
> will need to differentiate user.
>
> so when everybody suggested playing with login, getty, etc.
> i know you have got the wrong idea. if i wanted to play
> on user space, i'd rather use capset() to set all users
> capability to "all cap". that's the perfect equivalent.
>
> so the user space solution (capset()) works, but then came
> the idea to optimize away. that's what blow everybody up.
> don't get me wrong, i always agree with rik farrow when he
> wrote in ;login: that we should build software with security
> in mind.
>
> but i also hate bloat. lets not go to arm devices, how about
> a notebook. it's a personal thing, naturally to people who
> doesn't know about computer, personal doesn't go with multi
> user. by that i mean user with different capabilities, not
> different persons.
>
So don't install any services. The security in the kernel is not even
bloat compared to some of the cruft that you can just not install.
> - with that patch, people will still have authentication.
> so ssh for example, will still prevent illegal access, if
> you had an exploit you're screwed up anyway.
> sure httpd will give permission to everybody to browse
> a computer, but i don't think a notebook need to run it.
See above.
>
> so i guess i deserve opinions instead of flames. the
> approach is from personal use, not the usual server use.
> if you think a server setup is best for all use just say so,
> i'm listening.
I have Linux on my PowerBook. I don't have sendmail, httpd, mysql, and a
billion other 'server' processes running. Does that still make it a server?
We're not flaming (well some of us anyways). Just pointing out (loudly)
where your thinking is flawed.
> nah, performance was never my consideration. i do save about
> 3kb from my zImage, but i'm not interested.
But you just said you hate bloat. What other reason do you have for
hating bloat?
--
=====================================================================
Mohammad A. Haque http://www.haque.net/
mhaque@haque.net
"Alcohol and calculus don't mix. Project Lead
Don't drink and derive." --Unknown http://wm.themes.org/
batmanppc@themes.org
=====================================================================
next prev parent reply other threads:[~2001-04-25 13:42 UTC|newest]
Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-04-25 12:04 [PATCH] Single user linux imel96
2001-04-25 13:00 ` Leonid Mamtchenkov
2001-04-25 13:07 ` Gerhard Mack
2001-04-25 21:30 ` John Cavan
2001-04-26 12:11 ` imel96
2001-04-26 12:24 ` David Weinehall
2001-04-26 12:36 ` Mohammad A. Haque
2001-04-26 12:33 ` Mohammad A. Haque
2001-04-26 12:34 ` Rasmus Bøg Hansen
2001-04-26 14:03 ` imel96
2001-04-26 17:00 ` Ken Brownfield
2001-04-26 17:22 ` Ian Stirling
2001-04-26 19:40 ` Mohammad A. Haque
2001-04-26 20:18 ` Ian Stirling
2001-04-26 20:47 ` Rasmus Bøg Hansen
2001-04-27 7:08 ` Albert D. Cahalan
2001-04-26 17:16 ` Stephen Satchell
2001-04-26 18:11 ` John Cavan
2001-04-27 9:30 ` imel96
2001-04-25 13:41 ` Mohammad A. Haque [this message]
2001-04-26 9:46 ` Helge Hafting
2001-04-26 11:31 ` imel96
2001-04-26 13:47 ` Ronald Bultje
2001-04-27 9:31 ` Helge Hafting
2001-04-27 13:45 ` Mohammad A. Haque
-- strict thread matches above, loose matches on Subject: below --
2001-04-25 20:58 Jesse Pollard
2001-04-25 18:34 Rick Hohensee
2001-04-25 20:12 ` Markus Schaber
[not found] <988158045.12859@whiskey.enposte.net>
2001-04-25 0:48 ` Stuart Lynne
[not found] <Pine.LNX.4.33.0104241830020.11899-100000@tessy.trustix.co. id>
2001-03-18 18:13 ` changing mm->mmap_sem (was: Re: system call for process information?) Linus Torvalds
2001-04-24 11:44 ` [PATCH] Single user linux imel96
2001-04-24 12:04 ` Alexander Viro
2001-04-24 12:44 ` imel96
2001-04-24 12:58 ` Daniel Stone
2001-04-24 13:27 ` imel96
2001-04-24 13:38 ` Daniel Stone
2001-04-25 0:01 ` Aaron Lehmann
2001-04-25 0:07 ` Daniel Stone
2001-04-25 0:16 ` Alan Cox
2001-04-25 0:34 ` Daniel Stone
2001-04-25 0:52 ` Gerhard Mack
2001-04-25 7:46 ` Ronald Bultje
2001-04-25 14:17 ` Disconnect
2001-04-27 20:06 ` Jim Gettys
2001-04-26 19:41 ` Pavel Machek
2001-04-27 19:00 ` Erik Mouw
2001-04-27 13:12 ` Robert Varga
2001-04-27 13:34 ` Daniel Stone
2001-04-25 0:20 ` Aaron Lehmann
2001-04-25 0:32 ` Daniel Stone
2001-04-25 0:35 ` Aaron Lehmann
2001-04-25 0:43 ` Daniel Stone
2001-04-25 7:45 ` Alan Cox
2001-04-25 7:55 ` Daniel Stone
2001-04-25 15:07 ` Jonathan Lundell
2001-04-25 14:42 ` Jordan Crouse
2001-04-26 19:47 ` Pavel Machek
2001-04-25 1:12 ` Disconnect
2001-04-25 0:26 ` Jonathan Lundell
2001-04-25 7:13 ` Mike A. Harris
2001-04-25 7:04 ` Mike A. Harris
2001-04-26 19:35 ` Pavel Machek
2001-04-27 14:26 ` Daniel Stone
2001-04-24 13:40 ` Mohammad A. Haque
2001-04-25 5:29 ` Ben Ford
2001-04-24 12:59 ` Alexander Viro
2001-04-24 13:02 ` Sean Hunter
2001-04-24 13:03 ` Roland Seuhs
2001-04-24 13:50 ` Mike A. Harris
2001-04-24 13:13 ` Richard B. Johnson
2001-04-24 13:37 ` imel96
2001-04-25 7:57 ` Helge Hafting
2001-04-25 10:42 ` Albert D. Cahalan
2001-04-24 14:03 ` Alan Cox
2001-04-24 14:10 ` imel96
2001-04-24 14:27 ` Mike A. Harris
2001-04-24 14:30 ` Alan Cox
2001-04-24 15:07 ` Jeremy Jackson
2001-04-24 17:43 ` Russell King
2001-04-24 18:37 ` Garett Spencley
2001-04-24 12:51 ` Mohammad A. Haque
2001-04-24 13:07 ` Alexander Viro
2001-04-24 17:55 ` J Sloan
2001-04-24 17:06 ` Stephen Satchell
2001-04-24 16:55 Torrey Hoffman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3AE6D427.F0C469D4@haque.net \
--to=mhaque@haque.net \
--cc=acahalan@cs.uml.edu \
--cc=imel96@trustix.co.id \
--cc=linux-kernel@vger.kernel.org \
--cc=root@chaos.analogic.com \
--cc=viro@math.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.