[OpenAFS] Kerberos 5 cache in /tmp
John Rudd
jrudd@ucsc.edu
Wed, 7 Apr 2004 20:40:35 -0700
On Apr 7, 2004, at 8:07 PM, Kris Van Hees wrote:
> On Wed, Apr 07, 2004 at 07:50:30PM -0700, John Rudd wrote:
>> Capabilities solve that problem.
>
> Either way, as long as you have the ability to compile and install
> your own
> kernel, there isn't anything that can be done.
Yes, capabilities doesn't solve the "use your own kernel" problem, it
solves the "root user can read anything" problem. (for one, capability
systems don't necessarily have "root" users)