[OpenAFS] Kerberos 5 cache in /tmp
Rodney M Dyer
rmdyer@uncc.edu
Wed, 07 Apr 2004 20:21:44 -0400
At 07:17 PM 4/7/2004, you wrote:
>Thus spake Rodney M Dyer (rmdyer@uncc.edu):
>
> > True. But that problem only occurs because the kernel code allows all
> > memory to be read by "root". It would be nice if all OS's has a
> > "protected store" memory area who's sections could only be mapped to
> > each authenticated user.
>
>And who compiles and installes the kernel?
>
>Wasn't it -- root?
Ok, I guess I was asking for that one. :(
How about... On an OS that has a "protected store", even root isn't
allowed to install a kernel. The only people who can install kernels are
the people who have the firmware passwords for the machines? Will that work?
Rod