On Wednesday 05 November 2003 14:57, [EMAIL PROTECTED] wrote: > kernel-desktop can have all the preempt stuff and other things (setpcap?) > you do not want to have on your server.
actually capabilities are exactly for server for all I can say. It allows you to run services with reduced privileges thus reducing the possible intrusion impact. BTW one interesting thing in 2.6 is including of SE Linux. Anyone has tried it (as separate distribution possibly) and can comment on impact on system configuration? It could finally be used to replace/supplement secure kernel. -andrey
