Talk:Hardening Concepts

From Funtoo
Jump to: navigation, search


It's not often talked about when hardening, but capabilities are an up-and-coming, arguably better, way of handling Privilege Escalation/Reduced Privileges.

Although Linux support is pretty low (AFAIK), I think it is something we (read: I) should look at.

-Apple 18:33, 27 November 2010 (CET)

I started looking into caps more myself. Windows has a capabilities-like mechanisms. Capabilities, though, at least the Linux implementation are based on a obsoleted POSIX specification draft or something like that. So in the greater ecosystem, I'm not sure how well supported they are. I'd encourage looking into them though and writing about them. Several packages have the caps USE flag.

Brantgurga 06:49, 28 November 2010 (CET)