On Sun, 23 Mar 2008 20:21:29 +0200 "Alon Bar-Lev" <[EMAIL PROTECTED]> wrote: > linux-2.6.24 supports file based capabilities via: > CONFIG_SECURITY_FILE_CAPABILITIES > > This will provide more secured installation for users with a little > effort, less usage of root user. > > What do you think?
Needs package manager support. Effectively this requires an EAPI bump, since ebuilds need to know whether they can rely upon caps being preserved across a merge or whether they have to degrade to a setuid bit. Package manager support shouldn't be very hard, and there just needs to be a minimal interface for it, so an EAPI proposal shouldn't be tricky (and if there's call for it, you could ask for EAPI 2 being EAPI 1 + file caps). -- Ciaran McCreesh
signature.asc
Description: PGP signature
