Finally i've made it
Ilmar S. Habibulin
ilmar at watson.org
Fri Jan 11 11:54:39 GMT 2002
One more problem - there is /etc/capability file, describing initial
capabilities for users. I have to delete it, in order to make login(1)
work properly, because when it trys to give capabilities to root user it
fails. And it fails because of 25.4.15.2 statement and initial
capabilities model conflict, imho. I always thought, that user after login
must have minimal (read zero) capabilities. And ACLs and CAPs are
instruments to implement some sort of RBAC.
Any thoughts? IMHO, capability(5) should be removed.
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list