Re: ext3 to include capabilities?

Alan Cox (alan@lxorguk.ukuu.org.uk)
Fri, 2 Apr 1999 00:02:16 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Meelis Roos: "Re: ext3 to include capabilities?"
Previous message: Brian J. Zuk: "error seeking in /dev/kmem, in kernel 2.2.3"
In reply to: Tigran Aivazian: "[q] no line info for __init functions?"
Next in thread: Albert D. Cahalan: "Re: ext3 to include capabilities?"
Reply: Albert D. Cahalan: "Re: ext3 to include capabilities?"
Reply: Pavel Machek: "Re: ext3 to include capabilities?"

> Better way:

Not really

> 1. Put capabilities information in the executable header.
> 2. Mark the executable setuid root.
> 3. Have the kernel check for #1 if #2, and prefer #1 if present.

That confuses everyones security scripts. It makes the binary run as root
on an older system, so if you downgrade you get a massive security hole

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Meelis Roos: "Re: ext3 to include capabilities?"
Previous message: Brian J. Zuk: "error seeking in /dev/kmem, in kernel 2.2.3"
In reply to: Tigran Aivazian: "[q] no line info for __init functions?"
Next in thread: Albert D. Cahalan: "Re: ext3 to include capabilities?"
Reply: Albert D. Cahalan: "Re: ext3 to include capabilities?"
Reply: Pavel Machek: "Re: ext3 to include capabilities?"