[KLUG Members] Linux and MacIntosh
Adam Williams
members@kalamazoolinux.org
25 Jun 2002 07:05:10 -0400
>>>problem presents itself: Mandatory Access Control. This tosses
>>>out the tired concept of root and makes access to all system calls
>>>available on a specific basis, so things like "Power Users" in NT speak can be
>>>created. But Mandatory Access Control is not yet well integrated
>>>into mainstream distributions.
>>Is this Mandatory Access Control available for people to implement
>>though?
>Yes, it is in the stock kernel.
>>Where to find out about it?
>Ay, theres the rub!
>/usr/src/linux/include/linux/capability.h
>There have been some printed artciles, but I think all in publications
>that are not defunct/offline.
Here is some more -
ftp://ftp.guardian.no/pub/free/linux/capabilities/capfaq.txt
http://freshmeat.net/projects/pam_capability/
I keep forgetting that Mandatory Access Control is sometimes called
capability support, as what you grant access to are called
"capabilities".