On Thursday, February 09, 2012 02:32:00 PM Eric Paris wrote:
With this enabled we will break people directly launching login
utilities instead of going through init. However it will allow us to
remove some permissions from applications (CAP_AUDIT_CONTROL) since
setting the loginuid will no longer be a privileged operation and will
greatly increase the reliability of audit logs to be able to attest to
what user performed what operation.
Making the login uid immutable would be nice, but I don't get the part about
removing privileges. Setting the login uid is a privileged operation. It always
has to be that way.