Hi Mike, (resend as text as html mail are blocked)
Le sam. 10 nov. 2018 à 22:59, W. Michael Petullo <m...@flyn.org> a écrit : > > Capabilities are an important security mechanism on Linux because they > allow programs to run with fewer privileges. What you really want is ambient capabilities (Linux 4.3+), it allow you to keep just some capabilities as non root and without filesystem support, so this can be supported in all cases Etienne > I would like to propose that > we enable security labels by default on filesystems like ext4. This is > done by selecting the following kernel build option: > > File systems -> (The Extended 4 (ext4) filesystem) Ext4 Security > Labels > > I have already submitted a pull request which should allow > our build servers to provide the corresponding libcap utilities. See: > > https://github.com/openwrt/packages/pull/7368 > > -- > Mike > > :wq > > _______________________________________________ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
