注意:

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Talk:Hardening Concepts

From Funtoo
Jump to navigation Jump to search

Caps

It's not often talked about when hardening, but capabilities are an up-and-coming, arguably better, way of handling Privilege Escalation/Reduced Privileges.

Although Linux support is pretty low (AFAIK), I think it is something we (read: I) should look at.

-Apple 18:33, 27 November 2010 (CET)

I started looking into caps more myself. Windows has a capabilities-like mechanisms. Capabilities, though, at least the Linux implementation are based on a obsoleted POSIX specification draft or something like that. So in the greater ecosystem, I'm not sure how well supported they are. I'd encourage looking into them though and writing about them. Several packages have the caps USE flag.

Brantgurga 06:49, 28 November 2010 (CET)