[cap-talk] Capabilities and LDAP (was Reducing Ambient user authority in a Type Safe /Memory Safe OS.)
bklooste at gmail.com
Fri Dec 18 21:41:38 PST 2009
Monty , how do you map the capabilities to specific capabilities on each
machine ? eg lets say your part of the LDAP sysadmins group which gives you
the right to install , stop and start device drivers and services on all
machines. When a user is added to this LDAP group he gets the right but how
do you ensure this right is granted on Capability OS machines ? Do you do
it the same is have local groups with a certain set of rights eg
deviceManager and serviceManager and add the LDAP group to the local group ?
However this changes the concept of a local group from a capability list .
More information about the cap-talk