[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070827150941.GA31042@vino.hallyn.com>
Date: Mon, 27 Aug 2007 10:09:42 -0500
From: "Serge E. Hallyn" <serge@...lyn.com>
To: Adrian Bunk <bunk@...nel.org>
Cc: Andrew Morgan <morgan@...nel.org>,
"Serge E. Hallyn" <serge@...lyn.com>, chrisw@...s-sol.org,
linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: Re: [2.6 patch] remove securebits
Quoting Adrian Bunk (bunk@...nel.org):
> On Fri, Aug 24, 2007 at 08:50:10PM -0700, Andrew Morgan wrote:
> >
> > FWIW, in the mm kernel, I've actually already removed them when one
> > configures without capabilities.
> >
> > http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.23-rc3/2.6.23-rc3-mm1/broken-out/v3-file-capabilities-alter-behavior-of-cap_setpcap.patch
> >
> > Other than writing a custom module, so far as I can tell, there is/was
> > no way to set them anyway.
> >
> > I'd obviously prefer to wait for the mm-merge process to complete and
> > minimize the churn in this area, but I basically agree that the bits as
> > implemented are pretty useless in their current form. In a per-process
> > mode (with filesystem capability support) they are much more useful...
>
> It was in the tree for nine years (sic) without a single user...
That's because without file capabilities there was no way for a process
to retain capabilities across exec, so not having a privileged root user
was simply not workable.
> Are you only improving a dead horse, or do you also have a rider for the
> improved dead horse?
It will allow process trees to run with strict capabilities, without a
root user which automatically gains full capabilities. That wasn't
possible without file capabilities, since there was no way for processes
to retain capabilities across exec. Now that we have file capabilities,
it is feasible, and it certainly is useful.
-serge
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists