> -----Original Message----- > From: Jussi Laako [mailto:[email protected]] > Sent: Wednesday, October 16, 2013 2:24 AM > To: Schaufler, Casey > Cc: [email protected]; Le Foll, Dominique > Subject: Re: [Dev] Tizen 3.0 proposal for fixing OSP/WRT/Core hard-coded > UID issue > > On 15.10.2013 17:41, Schaufler, Casey wrote: > >> But this doesn't require root, just a capability attribute for the > >> launcher binary itself to permit this just for the launcher? And the > >> launcher can be fired up as part of the session and will gain the > >> capability from the filesystem attribute rather than through process > inheritance? > > > > Yes, this is also a viable approach. It requires a launcher for each user. > > The > launchers are going to have to communicate with each other to coordinate > (or so I'm told) seat placement and the like, but it is possible. I understand > that a single launcher is greatly preferred. > > Even with single launcher it could run as non-root with it's own UID and just > have enough capabilities to do it's task?
Certainly. Locking down the invididual POSIX capabilities is more work, but it's just work. _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
