Seth Arnold wrote:
> On Fri, Dec 08, 2006 at 01:36:57PM -0600, Serge E. Hallyn wrote:
>
>> The other is that root can lose capabilities by executing files with
>> only some capabilities set. The next two patches change these
>> behaviors.
>>
> I saw this in my code review and thought that
On Fri, Dec 08, 2006 at 01:36:57PM -0600, Serge E. Hallyn wrote:
> The other is that root can lose capabilities by executing files with
> only some capabilities set. The next two patches change these
> behaviors.
I saw this in my code review and thought that this behaviour was
intentional. :) It
--- "Serge E. Hallyn" <[EMAIL PROTECTED]> wrote:
> Quoting Casey Schaufler ([EMAIL PROTECTED]):
> >
> > --- "Serge E. Hallyn" <[EMAIL PROTECTED]> wrote:
> >
> > > ...
> > > The other is that root can lose capabilities by
> > > executing files with
> > > only some capabilities set. The next two
Quoting Casey Schaufler ([EMAIL PROTECTED]):
>
> --- "Serge E. Hallyn" <[EMAIL PROTECTED]> wrote:
>
> > ...
> > The other is that root can lose capabilities by
> > executing files with
> > only some capabilities set. The next two patches
> > change these
> > behaviors.
>
> It was the intention
--- "Serge E. Hallyn" <[EMAIL PROTECTED]> wrote:
> ...
> The other is that root can lose capabilities by
> executing files with
> only some capabilities set. The next two patches
> change these
> behaviors.
It was the intention of the POSIX group that
capabilities be independent of uid. I would
In an lwn.net article, Jonathan Corbet made two very helpful comments
about the file capabilities patch currently being tested in -mm. The
first is that capabilities are being honored on nosuid filesystems.
The other is that root can lose capabilities by executing files with
only some capabilities
6 matches
Mail list logo
