Re: [PATCH] [request for inclusion] Realtime LSM

From: Martin Mares
Date: Fri Jan 07 2005 - 11:11:53 EST

Next message: Vivek Goyal: "Re: SCSI aic7xxx driver: Initialization Failure over a kdump reboot"
Previous message: Arjan van de Ven: "Re: [PATCH] [request for inclusion] Realtime LSM"
In reply to: Paul Davis: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Paul Davis: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello!

> Olaf:
> -----
> Capabilities don't work, because of missing filesystem
> capabilities. If you have them, it's a question of setting the
> appropriate permitted, inheritable and effective capability sets.

Sure, filesystem capabilities would be nice, but for the stuff Paul
mentions they aren't needed -- what you need is to grant capabilities
to the user's session, which can be easily done by a PAM module.

Have a nice fortnight
--
Martin `MJ' Mares <mj@xxxxxx> http://atrey.karlin.mff.cuni.cz/~mj/
Faculty of Math and Physics, Charles University, Prague, Czech Rep., Earth
"C++: an octopus made by nailing extra legs onto a dog." -- Steve Taylor
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Vivek Goyal: "Re: SCSI aic7xxx driver: Initialization Failure over a kdump reboot"
Previous message: Arjan van de Ven: "Re: [PATCH] [request for inclusion] Realtime LSM"
In reply to: Paul Davis: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Paul Davis: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]