>> You want to allow shellscripts with special powers?!?!?
>
> I may want to _strip_ shellscripts of power.
I suppose you intend to turn normal user abilities into default
capabilities. (the ability to write to a writable file...)
I think that has the same problem, but nevermind.
It is also dangerous to add default capabilities because apps may drop
unknown capabilities, causing failure at some critical point.
> I may want to give special power to certain Javascripts (assuming I'd ever
> trust the java engine itself). I do _not_ consider it acceptable to give
> all powers to the java interpreter in general, but I _do_ consider it
> acceptable to give special capabilities to certain scripts.
When the interpreter and script both have capabilities marked...?
> The ELF notes way doesn't allow that.
You give capabilities to your trusted interpreter.
It handles the issue according to whatever policy is needed.
> Do you start to see a pattern here now? It's not about ELF. It's about
> everything ELSE. It's about doing something right, and not getting stuck
> with a bad decision forever.
You only get stuck with the existance of the mechanism, which isn't
too bad. The mechanism may be needed anyway for non-native filesystems.
Nothing prevents the creation of an alternate system that overrides the
ELF header. (so there is no need to even look at the ELF notes in that case)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/