[OpenAFS] Kerberos 5 cache in /tmp

John Rudd jrudd@ucsc.edu
Wed, 7 Apr 2004 20:40:35 -0700

On Apr 7, 2004, at 8:07 PM, Kris Van Hees wrote:

> On Wed, Apr 07, 2004 at 07:50:30PM -0700, John Rudd wrote:
>> Capabilities solve that problem.
> Either way, as long as you have the ability to compile and install 
> your own
> kernel, there isn't anything that can be done.

Yes, capabilities doesn't solve the "use your own kernel" problem, it 
solves the "root user can read anything" problem.  (for one, capability 
systems don't necessarily have "root" users)