next up previous contents
Next: Timers Up: Process Management Previous: User and Group Identity   Contents

Capabilities

The ability to get or set the capability sets of another process is controlled by Flask. Flask controls the use of capabilities by requiring that a process also have a corresponding capability permission. Hence, possession of a capability is necessary but not sufficient to have the corresponding privilege when Flask is enabled. Since Flask directly controls the use of capabilities, it is not necessary to control the setting and inheritance of capability sets other than ensuring that the ability of a process to observe or change the capability sets of another process is controlled.

Flask could be extended to provide a finer-grained replacement mechanism for capabilities. Such a mechanism was developed for one of Flask's predecessors, the DTOS system. This mechanism permitted privileges to be granted based on both the attributes of the process and the attributes of the relevant object, e.g. discretionary read override could be granted to a particular set of files. Since the mechanism obtained privilege decisions from the Flask security server, management of privileges was centralized and verification that privileges were granted appropriately was straightforward.


next up previous contents
Next: Timers Up: Process Management Previous: User and Group Identity   Contents