| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 Jul 2007 16:00:54 -0700 (PDT) From: Casey Schaufler <casey@...aufler-ca.com> To: Andrew Morgan <morgan@...nel.org>, "Serge E. Hallyn" <serge@...lyn.com> Cc: "Serge E. Hallyn" <serue@...ibm.com>, Chris Wright <chrisw@...s-sol.org>, Andrew Morgan <agm@...gle.com>, casey@...aufler-ca.com, Andrew Morton <akpm@...gle.com>, Stephen Smalley <sds@...ho.nsa.gov>, James Morris <jmorris@...ei.org>, linux-security-module@...r.kernel.org, lkml <linux-kernel@...r.kernel.org> Subject: Re: implement-file-posix-capabilities.patch --- Andrew Morgan <morgan@...nel.org> wrote: > no one has yet actually > given an example of where fE being richer than a simple binary helps > anything. Until I see an example, I'm going to hold the position that > this is needless "complexity". The only counter to this argument is that you now have a different structure on files than on processes. Not a major issue, but one structure to describe capability sets is less complex than two. That way you can have one function to print a capset, regardless of its coming off a file or a process. Just a thought. Casey Schaufler casey@...aufler-ca.com - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists