Re: Kernel-level authentication

On Thursday 19 June 2003 at 05:18, Eugene Teo wrote:

> user$ rm Makefile
>    password: ***
>    Invalid password. Denied.
> user$
With the attached example I've got a word for you: LSM (lsm.immunix.org). You 
have to write a kernel module which uses LSM-provided hooks to deny operations 
like that if the user is not allowed. 

I don't think preventing a user from deleting their own file is a good idea, 
however (IMHO, of course).

> to prompt the user "Hey, tell me who u r first!" before they can run
> it.
Sorry, but I'm a bit confused. A user has already performed the login phase, so 
your kernel *knows* who he is, and current->uid tells you at any moment you 
need. I think you could play wisely with file permissions and group division; 
then you could write an LSM module to enforce your policies.

Ciao ciao
thesponge
-- 
$>cd /pub
$>more beer

(0>
//\  Perego Paolo <p_perego@modiano.com> - www.sikurezza.org/angel
V_/_ 'Different does not necessarily mean worse.'
I'm Linux drow 2.4.19-4GB - SuSE Linux 8.1 (i386) powered.

--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/
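
The approach suggested in the reply, as an added example that is not part of the original message: a user-space C model of an unlink permission hook that decides from the caller's already-known uid and groups instead of prompting for a password. The names `model_cred`, `model_inode`, `model_unlink_hook` and `PROTECT_GID` are hypothetical stand-ins, not kernel or LSM API; a real LSM module would make the same decision inside the hook the framework calls before an unlink.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical user-space stand-ins for kernel objects (not kernel API). */
#define MAX_GIDS 4
struct model_cred  { unsigned uid; unsigned gids[MAX_GIDS]; size_t ngids; };
struct model_inode { unsigned uid; unsigned gid; bool is_protected; };

/* Assumed policy: only members of this group may delete protected files. */
#define PROTECT_GID 500u

static bool in_group(const struct model_cred *c, unsigned gid)
{
    size_t n = c->ngids < MAX_GIDS ? c->ngids : MAX_GIDS; /* clamp bad input */
    for (size_t i = 0; i < n; i++)
        if (c->gids[i] == gid)
            return true;
    return false;
}

/*
 * Models a hook consulted before unlink: 0 allows, a negative errno denies.
 * Identity comes from credentials the kernel already holds after login,
 * so nothing is asked of the user at the time of the operation.
 */
int model_unlink_hook(const struct model_cred *cred,
                      const struct model_inode *victim)
{
    if (cred == NULL || victim == NULL)
        return -EINVAL;
    if (cred->uid == 0)
        return 0;               /* modelled simplification: root is exempt */
    if (!victim->is_protected)
        return 0;               /* left to the ordinary permission checks */
    return in_group(cred, PROTECT_GID) ? 0 : -EPERM;
}

int main(void)
{
    /* Constructed sample data: file owner outside the protecting group. */
    struct model_cred owner = { 1000, { 1000 }, 1 };
    struct model_inode makefile = { 1000, 1000, true };
    printf("unlink by owner -> %d\n", model_unlink_hook(&owner, &makefile));
    return 0;
}
```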
