From: Leonid Mamtchenkov <leonid@francoudi.com>
To: imel96@trustix.co.id
Cc: "Albert D. Cahalan" <acahalan@cs.uml.edu>,
"Richard B. Johnson" <root@chaos.analogic.com>,
Alexander Viro <viro@math.psu.edu>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] Single user linux
Date: Wed, 25 Apr 2001 16:00:41 +0300 [thread overview]
Message-ID: <20010425160041.B4099@francoudi.com> (raw)
In-Reply-To: <20010425120319Z135634-682+3531@vger.kernel.org>
In-Reply-To: <20010425120319Z135634-682+3531@vger.kernel.org>; from imel96@trustix.co.id on Wed, Apr 25, 2001 at 12:04:26PM +0000
Hello imel96@trustix.co.id,
Once you wrote about "Re: [PATCH] Single user linux":
> first, i think i owe you guys apology for didn't make myself
> clear, which is going harder if you irritated.
> even my subject went wrong, as the patch isn't really about
> single user (which confuse some people).
>
> for those who didn't read that patch, i #define capable(),
> suser(), and fsuser() to 1. the implication is all users
> will have root capabilities.
>
> then i tried to bring up the single user thing to hear
> opinions (not flames). and by that, i actually didn't mean
> to have users share the same uid/gid 0. i know somebody
> will need to differentiate user.
>
> so when everybody suggested playing with login, getty, etc.
> i know you have got the wrong idea. if i wanted to play
> on user space, i'd rather use capset() to set all users
> capability to "all cap". that's the perfect equivalent.
>
> so the user space solution (capset()) works, but then came
> the idea to optimize away. that's what blow everybody up.
> don't get me wrong, i always agree with rik farrow when he
> wrote in ;login: that we should build software with security
> in mind.
>
> but i also hate bloat. lets not go to arm devices, how about
> a notebook. it's a personal thing, naturally to people who
> doesn't know about computer, personal doesn't go with multi
> user. by that i mean user with different capabilities, not
> different persons.
>
> i haven't catch up with all my mails, but my response to
> some:
> - linux is stable not only because security.
> - linux was designed for multi-user, dos f.eks. is designed
> for personal use, so does epoc, palmos, mac, etc.
> - i even use plan9 with kfs restrictions disabled sometimes,
> cause i don't have cpu server, auth server, etc.
> - with that patch, people will still have authentication.
> so ssh for example, will still prevent illegal access, if
> you had an exploit you're screwed up anyway.
> sure httpd will give permission to everybody to browse
> a computer, but i don't think a notebook need to run it.
>
> so i guess i deserve opinions instead of flames. the
> approach is from personal use, not the usual server use.
> if you think a server setup is best for all use just say so,
> i'm listening.
Then, is there any advantage over booting linux with "single" option?
LILO: linux single
--
Best regards,
Leonid Mamtchenkov
System Administrator
next prev parent reply other threads:[~2001-04-25 13:04 UTC|newest]
Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-04-25 12:04 [PATCH] Single user linux imel96
2001-04-25 13:00 ` Leonid Mamtchenkov [this message]
2001-04-25 13:07 ` Gerhard Mack
2001-04-25 21:30 ` John Cavan
2001-04-26 12:11 ` imel96
2001-04-26 12:24 ` David Weinehall
2001-04-26 12:36 ` Mohammad A. Haque
2001-04-26 12:33 ` Mohammad A. Haque
2001-04-26 12:34 ` Rasmus Bøg Hansen
2001-04-26 14:03 ` imel96
2001-04-26 17:00 ` Ken Brownfield
2001-04-26 17:22 ` Ian Stirling
2001-04-26 19:40 ` Mohammad A. Haque
2001-04-26 20:18 ` Ian Stirling
2001-04-26 20:47 ` Rasmus Bøg Hansen
2001-04-27 7:08 ` Albert D. Cahalan
2001-04-26 17:16 ` Stephen Satchell
2001-04-26 18:11 ` John Cavan
2001-04-27 9:30 ` imel96
2001-04-25 13:41 ` Mohammad A. Haque
2001-04-26 9:46 ` Helge Hafting
2001-04-26 11:31 ` imel96
2001-04-26 13:47 ` Ronald Bultje
2001-04-27 9:31 ` Helge Hafting
2001-04-27 13:45 ` Mohammad A. Haque
-- strict thread matches above, loose matches on Subject: below --
2001-04-25 20:58 Jesse Pollard
2001-04-25 18:34 Rick Hohensee
2001-04-25 20:12 ` Markus Schaber
[not found] <988158045.12859@whiskey.enposte.net>
2001-04-25 0:48 ` Stuart Lynne
[not found] <Pine.LNX.4.33.0104241830020.11899-100000@tessy.trustix.co. id>
2001-03-18 18:13 ` changing mm->mmap_sem (was: Re: system call for process information?) Linus Torvalds
2001-04-24 11:44 ` [PATCH] Single user linux imel96
2001-04-24 12:04 ` Alexander Viro
2001-04-24 12:44 ` imel96
2001-04-24 12:58 ` Daniel Stone
2001-04-24 13:27 ` imel96
2001-04-24 13:38 ` Daniel Stone
2001-04-25 0:01 ` Aaron Lehmann
2001-04-25 0:07 ` Daniel Stone
2001-04-25 0:16 ` Alan Cox
2001-04-25 0:34 ` Daniel Stone
2001-04-25 0:52 ` Gerhard Mack
2001-04-25 7:46 ` Ronald Bultje
2001-04-25 14:17 ` Disconnect
2001-04-27 20:06 ` Jim Gettys
2001-04-26 19:41 ` Pavel Machek
2001-04-27 19:00 ` Erik Mouw
2001-04-27 13:12 ` Robert Varga
2001-04-27 13:34 ` Daniel Stone
2001-04-25 0:20 ` Aaron Lehmann
2001-04-25 0:32 ` Daniel Stone
2001-04-25 0:35 ` Aaron Lehmann
2001-04-25 0:43 ` Daniel Stone
2001-04-25 7:45 ` Alan Cox
2001-04-25 7:55 ` Daniel Stone
2001-04-25 15:07 ` Jonathan Lundell
2001-04-25 14:42 ` Jordan Crouse
2001-04-26 19:47 ` Pavel Machek
2001-04-25 1:12 ` Disconnect
2001-04-25 0:26 ` Jonathan Lundell
2001-04-25 7:13 ` Mike A. Harris
2001-04-25 7:04 ` Mike A. Harris
2001-04-26 19:35 ` Pavel Machek
2001-04-27 14:26 ` Daniel Stone
2001-04-24 13:40 ` Mohammad A. Haque
2001-04-25 5:29 ` Ben Ford
2001-04-24 12:59 ` Alexander Viro
2001-04-24 13:02 ` Sean Hunter
2001-04-24 13:03 ` Roland Seuhs
2001-04-24 13:50 ` Mike A. Harris
2001-04-24 13:13 ` Richard B. Johnson
2001-04-24 13:37 ` imel96
2001-04-25 7:57 ` Helge Hafting
2001-04-25 10:42 ` Albert D. Cahalan
2001-04-24 14:03 ` Alan Cox
2001-04-24 14:10 ` imel96
2001-04-24 14:27 ` Mike A. Harris
2001-04-24 14:30 ` Alan Cox
2001-04-24 15:07 ` Jeremy Jackson
2001-04-24 17:43 ` Russell King
2001-04-24 18:37 ` Garett Spencley
2001-04-24 12:51 ` Mohammad A. Haque
2001-04-24 13:07 ` Alexander Viro
2001-04-24 17:55 ` J Sloan
2001-04-24 17:06 ` Stephen Satchell
2001-04-24 16:55 Torrey Hoffman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010425160041.B4099@francoudi.com \
--to=leonid@francoudi.com \
--cc=acahalan@cs.uml.edu \
--cc=imel96@trustix.co.id \
--cc=linux-kernel@vger.kernel.org \
--cc=root@chaos.analogic.com \
--cc=viro@math.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox