| 1 |
Greg KH posted <20040705200509.GB18900@×××××.com>, excerpted below, on |
| 2 |
Mon, 05 Jul 2004 13:05:09 -0700: |
| 3 |
|
| 4 |
> On Mon, Jul 05, 2004 at 09:33:34AM -0700, Duncan wrote: |
| 5 |
>> That's not a sufficient test. Mainline 2.6 kernels have standard Linux |
| 6 |
>> security capabilities broken out into their own module, now. Thus, it |
| 7 |
>> can be compiled in as traditional, compiled as a module (my |
| 8 |
>> configuration, with it specifically loaded at boot, since the kernel |
| 9 |
>> isn't smart enough to auto-load it on its own, yet) |
| 10 |
> |
| 11 |
> And how would you expect such a "auto-load" system to work for the |
| 12 |
> capabilities module? |
| 13 |
|
| 14 |
I really don't know. I really don't know how the kernel knows to load a |
| 15 |
LOT of the modules, but it does. |
| 16 |
|
| 17 |
Here's what I'd /suppose/. |
| 18 |
|
| 19 |
When BIND for instance attempted to load, and asked for a (generic) |
| 20 |
capacity not present in the kernel, instead of the kernel simply saying |
| 21 |
that capacity (generic sense, altho in this case it applies to the |
| 22 |
capacities module, specifically, as well) isn't available, it would check |
| 23 |
for the module in the standard location, and load it if it found it, then |
| 24 |
supply the requested (generic) capacity. |
| 25 |
|
| 26 |
Of course, from my simple viewpoint, that's no different than what |
| 27 |
happens now, when a (generic) capacity from one of the auto-loading |
| 28 |
modules is requested, causing it to be "auto-magically" loaded. |
| 29 |
Obviously, I'm missing something, but I'm not sure exactly what. All I |
| 30 |
know is that Capabilities can be modulized, now, but the first time I |
| 31 |
tried it (on Mandrake, which I'm switching from), BIND had a fit, so I had |
| 32 |
to go put it on the list to load specifically. |
| 33 |
|
| 34 |
BTW, thanks for the reply. It's been interesting at times, watching |
| 35 |
people respond to your posts, not having /any/ idea that you ARE one of |
| 36 |
the kernel developers, indeed, UDEV wouldn't be the same without you. <g> |
| 37 |
You don't wear it on your sleeve, or in a sig, like some would, and your |
| 38 |
name doesn't quite stand out like "Linus" would. =:^) |
| 39 |
|
| 40 |
(There's an interesting object lesson in studying the pictures of, say, |
| 41 |
Bill Gates when he had that pie thrown at him, against, say, Linus sitting |
| 42 |
on the dunk tank board. That ordinary user availability is one reason I'm |
| 43 |
here and no longer on an MS platform. I'd consider the fact that you |
| 44 |
don't find it necessary to put your kernel connections in your sig, a |
| 45 |
similar mark of humbleness and availability to the ordinary user, tho |
| 46 |
others may simply find it confusing.) |
| 47 |
|
| 48 |
-- |
| 49 |
Duncan - List replies preferred. No HTML msgs. |
| 50 |
"They that can give up essential liberty to obtain a little |
| 51 |
temporary safety, deserve neither liberty nor safety." -- |
| 52 |
Benjamin Franklin |
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
-- |
| 57 |
gentoo-dev@g.o mailing list |
Archives