On Sun, 22 Sep 2002, Juli Mallett wrote: > Maybe just replace all suser(9) uses with MAC credential checks, and > install MAC_UNIX by default, which would be set up to behave like > ye olden UNIX... Who knows.
Something like that sounds like a really good idea. I'd like to see this not only for binding to low ports but also, for example, to set the system time -- this would let you run ntpd as non-root. It'd be interesting to have a system one day where once you've gone past single user mode, root drops all its privs and acts just like a normal user account and daemon accounts only have special privs handed out to them in little chunks. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
