> > > not required to contain a section table. And please do *not* change the
> > > header identification.
> >
> > Changing header ID is hack so that we can make executables that are
> > _not_ compatible with previous kernels.
>
> why not just make it not execute without any priviledges under older
> kernels? The mechanizm could be this:
>
> - extra section holding priviledge data, only used by newer kernels
> [this is your solution], plus:
>
> - new kernel 'fakes' a setuid root bit, so these binaries can be easily
> identified even with old (priviledge-unaware) 'ls'. (The executable
> bit is not touched.)
What I do not understand is when new kernel is going to store this
information? There are executables which have capabilities
headers. Some of them have to be trusted, other not. Where is new
kernel going to store this info?
Pavel
-- The best software in life is free (not shareware)! Pavel GCM d? s-: !g p?:+ au- a--@ w+ v- C++@ UL+++ L++ N++ E++ W--- M- Y- R+- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/