Re: Filesystem Capabilities in 2.6?

From: Olaf Dietsche (olaf.dietsche#list.linux-kernel@t-online.de)
Date: Fri Nov 01 2002 - 17:07:30 EST


Dax Kelson <dax@gurulabs.com> writes:

> On Fri, 2002-11-01 at 01:49, Rusty Russell wrote:
>> I'm down to 8 undecided features: 6 removed and one I missed earlier.
>
> How about Olaf Dietsche's filesystem capabilities support? It has been
> posted a couple times to LK, yesterday even.

Judging from the silence, I guess my mails take the direct route from
inbox to /dev/null ;-). But never mind, since the patch is very small,
it's easy for people to add fs capabilities themselves, if they're
interested.

> We've had capabilities for ages (2.2?) but no filesystem support.

#define _LINUX_CAPABILITY_VERSION 0x19980330 says, it's at least four
and a half years old.

> OpenBSD is recently bragging about no longer having any SUID root
> binaries on the system.
>
> With FS capabilities we (Linux) can have the same situation. Security
> is a hot topic, and anything the kernel can do make security
> better/easier seems worthy of consideration.

I think, it's not time for bragging yet, until fs capabilities get
quite a bit more testing.

Regards, Olaf.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Thu Nov 07 2002 - 22:00:22 EST