Re: [PATCH] per-process securebits
From: serge
Date: Fri Feb 01 2008 - 15:29:36 EST
Quoting Andrew G. Morgan (morgan@xxxxxxxxxx):
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Here is the patch to add per-process securebits.
>
> Its all code that lives inside the capability LSM and the new securebits
> implementation is only active if CONFIG_SECURITY_FILE_CAPABILITIES is
> enabled (it doesn't make much sense to support this feature without
> filesystem capabilities).
>
> The patch assumes the CAP_SETPCAP fix of last week, but is otherwise on
> top of 2.6.24-rc8-mm1.
Hey Andrew, I'm about to set up some ltp tests, but noticed the
following patch is needed on top of yours.
-serge