From: "Mohammad A. Haque" <mhaque@haque.net>
To: imel96@trustix.co.id
Cc: "Albert D. Cahalan" <acahalan@cs.uml.edu>,
"Richard B. Johnson" <root@chaos.analogic.com>,
Alexander Viro <viro@math.psu.edu>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] Single user linux
Date: Wed, 25 Apr 2001 09:41:58 -0400 [thread overview]
Message-ID: <3AE6D427.F0C469D4@haque.net> (raw)
In-Reply-To: <20010425120319Z135634-682+3531@vger.kernel.org>
imel96@trustix.co.id wrote:
> for those who didn't read that patch, i #define capable(),
> suser(), and fsuser() to 1. the implication is all users
> will have root capabilities.
And this is better than just having the system auto-login as root because......?
>
> then i tried to bring up the single user thing to hear
> opinions (not flames). and by that, i actually didn't mean
> to have users share the same uid/gid 0. i know somebody
> will need to differentiate user.
>
> so when everybody suggested playing with login, getty, etc.
> i know you have got the wrong idea. if i wanted to play
> on user space, i'd rather use capset() to set all users
> capability to "all cap". that's the perfect equivalent.
>
> so the user space solution (capset()) works, but then came
> the idea to optimize away. that's what blow everybody up.
> don't get me wrong, i always agree with rik farrow when he
> wrote in ;login: that we should build software with security
> in mind.
>
> but i also hate bloat. lets not go to arm devices, how about
> a notebook. it's a personal thing, naturally to people who
> doesn't know about computer, personal doesn't go with multi
> user. by that i mean user with different capabilities, not
> different persons.
>
So don't install any services. The security in the kernel is not even
bloat compared to some of the cruft that you can just not install.
> - with that patch, people will still have authentication.
> so ssh for example, will still prevent illegal access, if
> you had an exploit you're screwed up anyway.
> sure httpd will give permission to everybody to browse
> a computer, but i don't think a notebook need to run it.
See above.
>
> so i guess i deserve opinions instead of flames. the
> approach is from personal use, not the usual server use.
> if you think a server setup is best for all use just say so,
> i'm listening.
I have Linux on my PowerBook. I don't have sendmail, httpd, mysql, and a
billion other 'server' processes running. Does that still make it a server?
We're not flaming (well some of us anyways). Just pointing out (loudly)
where your thinking is flawed.
> nah, performance was never my consideration. i do save about
> 3kb from my zImage, but i'm not interested.
But you just said you hate bloat. What other reason do you have for
hating bloat?
--
=====================================================================
Mohammad A. Haque http://www.haque.net/
mhaque@haque.net
"Alcohol and calculus don't mix. Project Lead
Don't drink and derive." --Unknown http://wm.themes.org/
batmanppc@themes.org
=====================================================================
next prev parent reply other threads:[~2001-04-25 13:42 UTC|newest]
Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-04-25 12:04 [PATCH] Single user linux imel96
2001-04-25 13:00 ` Leonid Mamtchenkov
2001-04-25 13:07 ` Gerhard Mack
2001-04-25 21:30 ` John Cavan
2001-04-26 12:11 ` imel96
2001-04-26 12:24 ` David Weinehall
2001-04-26 12:36 ` Mohammad A. Haque
2001-04-26 12:33 ` Mohammad A. Haque
2001-04-26 12:34 ` Rasmus Bøg Hansen
2001-04-26 14:03 ` imel96
2001-04-26 17:00 ` Ken Brownfield
2001-04-26 17:22 ` Ian Stirling
2001-04-26 19:40 ` Mohammad A. Haque
2001-04-26 20:18 ` Ian Stirling
2001-04-26 20:47 ` Rasmus Bøg Hansen
2001-04-27 7:08 ` Albert D. Cahalan
2001-04-26 17:16 ` Stephen Satchell
2001-04-26 18:11 ` John Cavan
2001-04-27 9:30 ` imel96
2001-04-25 13:41 ` Mohammad A. Haque [this message]
2001-04-26 9:46 ` Helge Hafting
2001-04-26 11:31 ` imel96
2001-04-26 13:47 ` Ronald Bultje
2001-04-27 9:31 ` Helge Hafting
2001-04-27 13:45 ` Mohammad A. Haque
-- strict thread matches above, loose matches on Subject: below --
2001-04-25 20:58 Jesse Pollard
2001-04-25 18:34 Rick Hohensee
2001-04-25 20:12 ` Markus Schaber
[not found] <988158045.12859@whiskey.enposte.net>
2001-04-25 0:48 ` Stuart Lynne
2001-04-24 16:55 Torrey Hoffman
[not found] <Pine.LNX.4.33.0104241830020.11899-100000@tessy.trustix.co. id>
2001-03-18 18:13 ` changing mm->mmap_sem (was: Re: system call for process information?) Linus Torvalds
2001-04-24 11:44 ` [PATCH] Single user linux imel96
2001-04-24 12:04 ` Alexander Viro
2001-04-24 12:44 ` imel96
2001-04-24 12:58 ` Daniel Stone
2001-04-24 13:27 ` imel96
2001-04-24 13:38 ` Daniel Stone
2001-04-25 0:01 ` Aaron Lehmann
2001-04-25 0:07 ` Daniel Stone
2001-04-25 0:16 ` Alan Cox
2001-04-25 0:34 ` Daniel Stone
2001-04-25 0:52 ` Gerhard Mack
2001-04-25 7:46 ` Ronald Bultje
2001-04-25 14:17 ` Disconnect
2001-04-27 20:06 ` Jim Gettys
2001-04-26 19:41 ` Pavel Machek
2001-04-27 19:00 ` Erik Mouw
2001-04-27 13:12 ` Robert Varga
2001-04-27 13:34 ` Daniel Stone
2001-04-25 0:20 ` Aaron Lehmann
2001-04-25 0:32 ` Daniel Stone
2001-04-25 0:35 ` Aaron Lehmann
2001-04-25 0:43 ` Daniel Stone
2001-04-25 7:45 ` Alan Cox
2001-04-25 7:55 ` Daniel Stone
2001-04-25 15:07 ` Jonathan Lundell
2001-04-25 14:42 ` Jordan Crouse
2001-04-26 19:47 ` Pavel Machek
2001-04-25 1:12 ` Disconnect
2001-04-25 0:26 ` Jonathan Lundell
2001-04-25 7:13 ` Mike A. Harris
2001-04-25 7:04 ` Mike A. Harris
2001-04-26 19:35 ` Pavel Machek
2001-04-27 14:26 ` Daniel Stone
2001-04-24 13:40 ` Mohammad A. Haque
2001-04-25 5:29 ` Ben Ford
2001-04-24 12:59 ` Alexander Viro
2001-04-24 13:02 ` Sean Hunter
2001-04-24 13:03 ` Roland Seuhs
2001-04-24 13:50 ` Mike A. Harris
2001-04-24 13:13 ` Richard B. Johnson
2001-04-24 13:37 ` imel96
2001-04-25 7:57 ` Helge Hafting
2001-04-25 10:42 ` Albert D. Cahalan
2001-04-24 14:03 ` Alan Cox
2001-04-24 14:10 ` imel96
2001-04-24 14:27 ` Mike A. Harris
2001-04-24 14:30 ` Alan Cox
2001-04-24 15:07 ` Jeremy Jackson
2001-04-24 17:43 ` Russell King
2001-04-24 18:37 ` Garett Spencley
2001-04-24 12:51 ` Mohammad A. Haque
2001-04-24 13:07 ` Alexander Viro
2001-04-24 17:55 ` J Sloan
2001-04-24 17:06 ` Stephen Satchell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3AE6D427.F0C469D4@haque.net \
--to=mhaque@haque.net \
--cc=acahalan@cs.uml.edu \
--cc=imel96@trustix.co.id \
--cc=linux-kernel@vger.kernel.org \
--cc=root@chaos.analogic.com \
--cc=viro@math.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox