Hi Eric Thanks for your feedback . One of my to do work is neways : Analyse the security implications of removing the root user requirement and implement an ACL based check to prevent modifications of the global namespace
So, your adivse would b helpful :) On Thu, Jun 18, 2009 at 10:03 PM, Eric Van Hensbergen <[email protected]>wrote: > > It may be advisable to put those capabilities in their own class, that > way admins can conditionally restrict them -but without giving users > admin privs. > > Sent from my iPhone > > On Jun 18, 2009, at 2:07 PM, priyanka <[email protected]> wrote: > > > > > Hi all > > > > First of all, I am sorry to giving my updates so late. > > > > 1) I installed linux-2.6.29 with glendix patch on virtual machine as > > well as on my system > > 2) Understood the flow to complete my first task : Remove the root > > user requirement from clone and unshare > > 3) I have finished the task of removing root requirement by removing > > the CAP_SYS_ADMIN capability. This capability is used to the the root > > privilege. > > > > This was my first week task. I didn't do much in my second week as I > > had to relocate. > > > > Now, I am working on modification of rfork() system call used in > > glendix. > > I am using unshare sys_call to create per process namespace. > > > > I will try to complete this task in this week :) > > > > Thank You > > > > > > > > > -- Thanks & Regards Priyanka --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Plan 9 Google Summer of Code" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/plan9-gsoc?hl=en -~----------~----~----~----~------~----~------~--~---
