Re: Capabilities done right [diff against 2.3.1]

Horst von Brand (vonbrand@inf.utfsm.cl)
Mon, 24 May 1999 10:27:48 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David S. Miller: "Re: suspicious lock code in sys_sunos.c and sys_sunos32.c"
Previous message: Horst von Brand: "Re: linux-2.3.[23] won't boot with egcs-2.93.22: Some progress"

Jamie Lokier <lkd@tantalophile.demon.co.uk> said:
> Pavel Machek wrote:
> > > I may want to _strip_ shellscripts of power.

> > Ok, that's legitimate. In such case , we'll have to modify shell to
> > understand something like --drop, so that beggining of shell would
> > look like

> > #!/bin/bash --drop NET_BIND_SERVICE

> > . Which again has nice property like surviving NFS/ftp transfers etc.

> You don't need to modify the shell.
> Simply:

> #!/bin/setcap --drop NET_BIND_SERVICE /bin/bash

Both presume an all-powerfull shell to start with.

-- Dr. Horst H. von Brand mailto:vonbrand@inf.utfsm.cl Departamento de Informatica Fono: +56 32 654431 Universidad Tecnica Federico Santa Maria +56 32 654239 Casilla 110-V, Valparaiso, Chile Fax: +56 32 797513

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: David S. Miller: "Re: suspicious lock code in sys_sunos.c and sys_sunos32.c"
Previous message: Horst von Brand: "Re: linux-2.3.[23] won't boot with egcs-2.93.22: Some progress"