It is not a showstopper. Your capabilities do NOT prevent you from
trojan horses. If you run program with uid=0, it does not need any
special privileges to screw you up. [Hint: who is owner of /etc/passwd?]
Then don't run programs setuid root! This is why using setuid root as
the method for marking that a file has capabilities is a complete
non-starter, as we have discussed before.
- Ted
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/