Re: [PATCH] Document how capability bits work
From: Rob Landley
Date: Fri Dec 07 2012 - 20:10:00 EST
On 12/07/2012 01:32:18 PM, Andy Lutomirski wrote:
On Fri, Dec 7, 2012 at 11:21 AM, Serge Hallyn
<serge.hallyn@xxxxxxxxxxxxx> wrote:
> Quoting Andy Lutomirski (luto@xxxxxxxxxxxxxx):
>> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
>> ---
>> Documentation/security/capabilities.txt | 161
++++++++++++++++++++++++++++++++
>> 1 file changed, 161 insertions(+)
>> create mode 100644 Documentation/security/capabilities.txt
>
> TBH, I think a pointer to the capabilities.7 man page would be
better.
> (plus, if you feel they are needed, updates to the man page)
Updating capabilities.7 wouldn't be a bad idea, but IMO it certainly
needs work. For example, it says:
...
I would be happy to revise this patch to reference capabilities.7.
The capabilities.7 man page is existing maintained documentation on how
to use this from userspace, which seems to be the point of your
document. Having include/linux/uapi/capability.h mention its existence
might be good. Feeding fixes to the documentation we've already got
would be good.
I read your document having largely ignored capabilities for years, and
don't feel I have a better understanding of them after reading it. (I'm
aware they exist, I'm aware they're used as a justification for
extended attributes, I'm aware people think breaking a fireplace into a
bunch of candleflames increases fire safety. I'm aware of
http://forums.grsecurity.net/viewtopic.php?f=7&t=2522 and I _used_ to
be aware of
http://userweb.kernel.org/~morgan/sendmail-capabilities-war-story.html
but kernel.org never bothered putting most of itself back together
after the breakin last year and archive.org doesn't have a copy. I'm
aware that a decade ago at Atlanta Linux Showcase in california Ted Tso
was sad nobody was using them yet. But I haven't hugely been tracking
changes over the last 5 years in how they work. It looks like figuring
out who has what involves working through exercises in set theory that
cannot be explained using a 127 bit ascii set. Personally, I prefer
"more dangerous" security setups that don't require I pull out scratch
paper to reason about the state of the system, so perhaps I'm biased
here.)
Rob--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/