Re: [RFC PATCH 1/2] security, capabilities: create CAP_TRUSTED

From: Serge E. Hallyn
Date: Sat Oct 21 2017 - 12:03:37 EST


Quoting Nicolas Belouin (nicolas@xxxxxxxxxx):
> With CAP_SYS_ADMIN being bloated, the usefulness of using it to
> flag a process to be entrusted for e.g. reading and writing trusted
> xattr is near zero.
> CAP_TRUSTED aims to provide userland with a way to mark a process as
> entrusted to do specific (not specially admin-centered) actions. It
> would for example allow a process to read/write the trusted xattrs.

You say "for example". Are you intending to add more uses? If so, what
are they? If not, how about renaming it CAP_TRUSTED_XATTR?

What all does allowing writes to trusted xattrs give you? There are
the overlayfs whiteouts, what else?