Re: [capabilities] Allow normal inheritance for a configurable set of capabilities

From: Serge E. Hallyn
Date: Tue Feb 03 2015 - 12:30:04 EST


Quoting Christoph Lameter (cl@xxxxxxxxx):
> On Tue, 3 Feb 2015, Serge E. Hallyn wrote:
>
> > So again I think the pA seems like an elegant way to work around this.
> > I'm interested in other ideas, but I worry about the proc solution Christoph
> > proposed because it would be system- or namespace-wide, rather than
> > per-process.
>
> Ok can we have a patch that realizes this? Maybe only a rough one?

I can't work on one today, but if noone else gets to it I'd like to
try to get to it later this week.

Would be good to have patches for both approaches, to compare.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/