22 Jun
2009
22 Jun
'09
7:43 p.m.
On Mon, 22.06.09 23:35, Jörn Nettingsmeier (nettings(a)folkwang-hochschule.de) wrote:
Lennart Poettering wrote:
Gah. You are so annoying.
rtkit includes the watchdog only as additional a-posteriori security
measure. The focus is clearly on a-priori security measures, i.e. not
handing out RT sched in a way that could be misused in the first place.
This is explicitly stressed in the README. Did you bother to read
that? No of course not.
Lennart
--
Lennart Poettering Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/ GnuPG 0x1A015CC4
On Mon, 22.06.09 09:33, Arnold Krille
(arnold(a)arnoldarts.de) wrote:
You practically cannot take group membership away from a user after
you gave it to him, and also adding a seperate group for every tiny
bit you need to authorize access to doesn't scale.
security is a matter of good design, not of "oh, look, he has become
evil, let's revoke his privileges" ad-hockery.