Re: [PATCH] capabilites, take 2
From: Olaf Dietsche
Date: Fri May 14 2004 - 00:36:32 EST
> On Thu, 13 May 2004 18:20:10 PDT, Chris Wright said:
>> I think it still needs more work. Default behaviour is changed, like
>> Inheritable is full rather than clear, setpcap is enabled, etc. Also,
>> why do you change from Posix the way exec() updates capabilities? Sure,
>> there are no filesystem bits present, so this changes the calculation,
>> but I'm not convinced it's as secure this way. At least with newcaps=0.
> The last time the "capabilities" thread reared its head a while ago, Andy made
> a posting that pretty conclusively showed that the Posix way was totally b0rken
> if you ever intended to support filesystem bits. So if you wanted to ever have
> a snowball's chance of supporting something like:
> chcap cap_net_raw+ep /bin/ping
Seems like you're not aware of:
This supports filesystem capabilities with the current (POSIX?)
implementation. So, whatever Andy has shown, it has at least one
counter evidence q.e.d.
> 2) Toss all the filesystems capabilities support out the window.
I agree to disagree ;-)