[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <D1CQ1FZ72NIW.2U7ZH0GU6C5W5@kernel.org>
Date: Sat, 18 May 2024 14:08:09 +0300
From: "Jarkko Sakkinen" <jarkko@...nel.org>
To: "Jonathan Calmels" <jcalmels@...0.net>, "Casey Schaufler"
<casey@...aufler-ca.com>
Cc: <brauner@...nel.org>, <ebiederm@...ssion.com>, "Luis Chamberlain"
<mcgrof@...nel.org>, "Kees Cook" <keescook@...omium.org>, "Joel Granados"
<j.granados@...sung.com>, "Serge Hallyn" <serge@...lyn.com>, "Paul Moore"
<paul@...l-moore.com>, "James Morris" <jmorris@...ei.org>, "David Howells"
<dhowells@...hat.com>, <containers@...ts.linux.dev>,
<linux-kernel@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>,
<linux-security-module@...r.kernel.org>, <keyrings@...r.kernel.org>
Subject: Re: [PATCH 0/3] Introduce user namespace capabilities
On Fri May 17, 2024 at 10:11 PM EEST, Jonathan Calmels wrote:
> On Fri, May 17, 2024 at 10:53:24AM GMT, Casey Schaufler wrote:
> > Of course they do. I have been following the use of capabilities
> > in Linux since before they were implemented. The uptake has been
> > disappointing in all use cases.
>
> Why "Of course"?
> What if they should not get *all* privileges?
They do the job given a real-world workload and stress test.
Here the problem is based on a theory and an experiment.
Even a formal model does not necessarily map all "unknown unknowns".
BR, Jarkko
Powered by blists - more mailing lists