> > >>> ...and works only for some types of files (how about a webserver
> > >>> written in Perl?).
>
> [...]
>
> > {Shrug} Perhaps somebody can suggest some way that capabilities can
> > have meaning for a script, any script if it comes to that?
>
> A script in Unix is just another random way to write a program that does
> what I want. Nothing special there. Note that today's scripts are (almost)
> undistinguishable from binary, compiled programs: They may carry the same
> permissions (execute permissions for whom, even S[UG]ID bits (not on all
> Unices, but several honor them)). If some scheme can't do the same (at least
> in principle) for capabilities, it is fundamentally flawed. No "all
> capable" interpreter should be needed, as this is a _huge_ security risk,
> the kernel might as well endow this particular process with the requested
> capabilities, and nothing else.
Why is all capable interpretter huge security risk? Look at
suidperl. It drops priviledges _then_ it looks at code, so overflow in
its parsing routines is not going to help you.
Pavel
PS: Any all capable file is huge security risk. I do not see why
interpretters are any worse :-).
-- I'm really pavel@atrey.karlin.mff.cuni.cz. Pavel Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/