Re: 2.6.6-mm1

From: Andrew Morton
Date: Mon May 10 2004 - 18:37:06 EST


Chris Wedgwood <cw@xxxxxxxx> wrote:
>
> On Mon, May 10, 2004 at 03:02:03PM -0700, Andrew Morton wrote:
>
> > Capabilities are broken and don't work. Nobody has a clue how to
> > provide the required services with SELinux and nobody has any code
> > and we need the feature *now* before vendors go shipping even more
> > ghastly stuff.
>
> eh? magic groups are nasty... and why is this needed? can't
> oracle/whatever just run with a wrapper to give the capabilities out
> as required until a better solution is available

capabilities all get dropped on the floor across exec(). We discussed this
on this list after Bill and I spent half a day getting cap_pam working,
only to discover that the kernel had been nobbled years ago.

> and who cares if vendors show something worse?

me.

> vendors ship crap all
> the time, that's partly why we have vendor kernels --- to ship crap
> that people want now w/o having to corrupt and pollute the cleanliness
> of the mainline kernel until a sufficiently well thought out sane plan
> can be devised

If vendors are forced to ship a nasty hack it often points at problems in
the mainline kernel. Certainly that's true in this case.

And if we are unable to fix the kernel acceptably then I'd prefer that the
expedient fix be in the mainstream kernel so as to prevent divergence in
user-visible features between vendor kernels.

And let's remember, code-wise, this is a very small change.

If someone comes up with an acceptable SELinux (or whatever)-based solution
then fine. But it's too late. This stuff is going out the door to end 2.6
users and that's just tough luck. The least we can do is to ensure that it
works the same across different vendor's kernels.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/