On Gwe, 2005-08-26 at 19:02 +0800, Coywolf Qi Hunt wrote: > > 3) admins can `promote' a suspect process instead of killing it. > > > > Is it also generally useful in practice? Thoughts?
The locking is wrong. At the moment the entire kernel assumes that a process uid is not changed by anyone else. After you've implemented uid locking/refcounting for tasks you can add the syscall but until then its not a good idea. I don't think its a good idea anyway - selinux can do far more useful things. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
