On Wed, Mar 13, 2002 at 12:55:07PM +0000, Pavel Machek wrote:
> Hi!
>
> > > Umm... By what magic? The entire interface _is_ root-only, isn't it?
> > > And root can do a lot of fun stuff, starting with editing the kernel
> > > image...
> >
> > No argument there.
> >
> > Do we want to assume all raw commands are CAP_SYS_RAWIO or break them down
> > a bit ?
>
> As noone seriously uses capabiities, anyway, I guess CAP_SYS_RAWIO for all
> is ok.
i believe the next debian (after the one currently stabilizing for
release) has "real" use of capabilities as a major goal although that
was hearsay and may be entirely false. the amount of work involved is
not insignificant
it'd certainly be a good thing to see. after all these years of slowly
converting things to use CAP_SYS_* instead of uid==0 i certainly don't
want that effort to be wasted.
j.
-- R N G G "Well, there it goes again... And we just sit I G G G here without opposable thumbs." -- gary larson - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Mar 15 2002 - 22:00:21 EST