On Tue, Oct 11, 2005 at 06:24:20AM -0500, Geiger Guenter wrote: > This means that it has to be dropped. Thats ok with me, it means less > work. What was the reason again for not including the capabilities as > a module ?
Making Security modules actually modular means they don't have the full view of the process and generally is a bad idea. For the specific case of capabilities there even was an exploit in the past. If we want to support a given security module in debian we should compile it into the kernel statically. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
