lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <87tzc7fht9.fsf@burp.tkv.asdf.org>
Date:	Tue, 23 Sep 2008 10:21:54 +0300
From:	Markku Savela <msa@...h.iki.fi>
To:	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] file capabilities: add no_file_caps switch (v2)


Andreas Gruenbacher <agruen@...e.de> writes:

> Sure, that would work as well, except that I think that file
> capabilities should always default to "on" as they will become a
> standard security mechanism before long. We just don't have much
> system management tool support yet, and I would like to give that
> some more time safely, without putting users at unnecessary risk.

As I've said elsewhere, I consider above a bad move. The "file
capabilities" are just setgid/setuid executables in disguise (although
with little finer control).

I would prefer two choices for capabilities:

 1) file capabilities, for those who think they work

 2) no file capabilities, but just normal inheritance. There should be
 nothing mystical about this. The credential (uid, groups) inherit
 just fine without problems. Why not capabilities?


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ