You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2005-09-28 18:05:09
- T-Dawg
- Forum Fellow
- From: Charlotte, NC
- Registered: 2005-01-29
- Posts: 2,736
capabilities module
Modinfo says this is a linux securtiy module, which doesn't tell me a whole lot.
Can anyone explain what exactly this does and what its used for other than vsftd?
Offline
#2 2005-09-28 21:36:53
- cactus
- Taco Eater
- From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
- Registered: 2004-05-25
- Posts: 4,622
- Website
Re: capabilities module
I believe 'capabilities' was some security implementation in the 2.4 kernel series. In the 2.5 line, the LSM was used (linux security module), which allows a stackable security interface.
SELinux, LIDS, and a few other MAC systems utilize the lsm. I imagine that 'capabilities' was carried forward in some regard, and rewritten to utilize the LSM for its policy backend. Never used it myself though..so I dont know what 'capabilities' is for sure..
"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍
Offline
#3 2005-09-29 05:10:58
- awalk
- Member
- From: Perth, Western Australia
- Registered: 2005-02-14
- Posts: 40
Re: capabilities module
http://en.wikipedia.org/wiki/Capability_%28computers%29
Maybe that'll answer some questions? Don't have any experience using the Linux implementation.
Offline
#4 2005-09-29 11:21:10
- T-Dawg
- Forum Fellow
- From: Charlotte, NC
- Registered: 2005-01-29
- Posts: 2,736
Re: capabilities module
hmm...so I take it this 'capabilities module' is an active mechanism to stop other programs from modifying permissions to other files and programs through security hooks or stackable security interfaces(?).
Regardless, I gather this is mainly used for servers not desktops, which was my main concern in the first place.
Thanks guys.
Offline
Pages: 1