Arnaldo Carvalho de Melo writes:
> Em Wed, Aug 30, 2000 at 10:49:22PM -0400, Richard Gooch escreveu:
> > Tigran Aivazian writes:
> > > On Sat, 26 Aug 2000, Arnaldo Carvalho de Melo wrote:
> > > > - if ((current->tty != tty) && !suser())
> > > > + if ((current->tty != tty) && !capable(CAP_SYS_ADMIN))
> > >
> > > how about fixing mtrr driver to use capabilities as well? Last time I
> > > tried it, Richard objected (well, I put a lot of unnecessary stuff at the
> > > time so he objected to the entire patch, suser was a small part
> > > thereof) but perhaps now we can sneak it in and he won't notice :)
> >
> > Grumble. Someone tell me why we can't just remove the suser() calls
> > entirely and instead test if the file has write access? That's what
> > the permissions on the file are for. Read access lets people take a
> > look, but write access is required to change anything.
>
> I'll take a look at it tomorrow, maybe some other places can benefit
> from this.
Thanks. After all, what do we have file/device permissions for, if we
don't use them. Why use/invent another mechanism (which just adds more
code) when the file permissions have a natural mapping to what's
allowed and what isn't.
Regards,
Richard....
Permanent: rgooch@atnf.csiro.au
Current: rgooch@ras.ucalgary.ca
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Aug 31 2000 - 21:00:26 EST