Re: implement-file-posix-capabilities.patch

2007-07-04 Thread Casey Schaufler
--- Andrew Morgan <[EMAIL PROTECTED]> wrote:
> no one has yet actually
> given an example of where fE being richer than a simple binary helps
> anything. Until I see an example, I'm going to hold the position that
> this is needless "complexity".
The only counter to this argument is that you now

Re: implement-file-posix-capabilities.patch

2007-07-04 Thread Andrew Morgan
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Serge E. Hallyn wrote:
> 1. Exactly Andrew describes. Once userspace switches to a new cap
> format, an older kernel simply won't support them
Mmm. Let me see. I think I prefer this one! :-)
> 2. As Andrew describes, but also encode the version numb

Re: implement-file-posix-capabilities.patch

2007-07-02 Thread Serge E. Hallyn
All,
Regarding future/backward compatibility of file capabilities:
Quoting Andrew Morgan ([EMAIL PROTECTED]):
> -----BEGIN PGP SIGNED MESSAGE-----
...
> #define VFS_CAP_REVISION_MASK 0xFF00
> #define VFS_CAP_REVISION 0x0100
>
> #define VFS_CAP_FLAGS_MASK ~VFS_CAP_RE

Re: implement-file-posix-capabilities.patch

2007-06-29 Thread Casey Schaufler
--- Andrew Morgan <[EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Casey Schaufler wrote:
> >> Would there be a difference between that and setting either fI or fP
> >> (depending on your intent) to those caps, and setting fE=1 in Andrew's
> >> scheme?
> >
> > Ar

Re: implement-file-posix-capabilities.patch

2007-06-29 Thread Serge E. Hallyn
Quoting Andrew Morgan ([EMAIL PROTECTED]):
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Casey Schaufler wrote:
> >> Would there be a difference between that and setting either fI or fP
> >> (depending on your intent) to those caps, and setting fE=1 in Andrew's
> >> scheme?
> >
> > Arg, y

Re: implement-file-posix-capabilities.patch

2007-06-28 Thread Andrew Morgan
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Casey Schaufler wrote:
>> Would there be a difference between that and setting either fI or fP
>> (depending on your intent) to those caps, and setting fE=1 in Andrew's
>> scheme?
>
> Arg, you're making me think. The POSIX group went through this,
> l

Re: implement-file-posix-capabilities.patch

2007-06-28 Thread Casey Schaufler
--- "Serge E. Hallyn" <[EMAIL PROTECTED]> wrote:
> Quoting Casey Schaufler ([EMAIL PROTECTED]):
> >
> > --- Andrew Morgan <[EMAIL PROTECTED]> wrote:
> >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > >
> > > Serge E. Hallyn wrote:
> > > >> Does that explain it?
> > > >
> > > >

Re: implement-file-posix-capabilities.patch

2007-06-28 Thread Andrew Morgan
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Casey Schaufler wrote:
>> The only reason for having an fE bitmap is to allow a capability-aware
>> program (you really trust to do its privileged operations carefully) to
>> be lazy and get some of its capabilities raised for free. Perhaps you
>> can

Re: implement-file-posix-capabilities.patch

2007-06-28 Thread Serge E. Hallyn
Quoting Casey Schaufler ([EMAIL PROTECTED]):
>
> --- Andrew Morgan <[EMAIL PROTECTED]> wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Serge E. Hallyn wrote:
> > >> Does that explain it?
> > >
> > > Yes, thanks, but then it still could come in handy to have fE be a full
>

Re: implement-file-posix-capabilities.patch

2007-06-28 Thread Casey Schaufler
--- Andrew Morgan <[EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Serge E. Hallyn wrote:
> >> Does that explain it?
> >
> > Yes, thanks, but then it still could come in handy to have fE be a full
> > bitset, so the application gets some eff caps automatically, w

Re: implement-file-posix-capabilities.patch

2007-06-28 Thread Serge E. Hallyn
Quoting Andrew Morgan ([EMAIL PROTECTED]):
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Serge E. Hallyn wrote:
> >> Does that explain it?
> >
> > Yes, thanks, but then it still could come in handy to have fE be a full
> > bitset, so the application gets some eff caps automatically, while

Re: implement-file-posix-capabilities.patch

2007-06-27 Thread Andrew Morgan
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Serge E. Hallyn wrote:
>> Does that explain it?
>
> Yes, thanks, but then it still could come in handy to have fE be a full
> bitset, so the application gets some eff caps automatically, while
> others it has to manually set...
[We touched on this a

Re: implement-file-posix-capabilities.patch

2007-06-27 Thread Serge E. Hallyn
Quoting Andrew Morgan ([EMAIL PROTECTED]):
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Serge E. Hallyn wrote:
> >
> >> I don't particularly mind, but can you point out any case where
> >> it is an advantage to have the one bit for f'E rather than just
> >> drop f'E altogether? Instead

Re: implement-file-posix-capabilities.patch

2007-06-26 Thread Andrew Morgan
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Serge E. Hallyn wrote:
>
>> I don't particularly mind, but can you point out any case where
>> it is an advantage to have the one bit for f'E rather than just
>> drop f'E altogether? Instead of having
>
>> f'I=something
>> f'P=something
>>

Re: implement-file-posix-capabilities.patch

2007-06-24 Thread James Morris
On Sun, 24 Jun 2007, Serge E. Hallyn wrote:
> > 2) Allocate capability bit-31 for CAP_SETFCAP, and use it to gate
> > whether the user can set this xattr on a file or not. CAP_SYS_ADMIN is
> > way too overloaded and this functionality is special.
>
> The functionality is special, but someone with

Re: implement-file-posix-capabilities.patch

2007-06-24 Thread Serge E. Hallyn
Quoting Andrew Morgan ([EMAIL PROTECTED]):
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Serge,
>
> [time passes]
>
> I'm a little better up to speed on all the kernel now. I don't feel that
> I conceptually object so much to this patch-series any more :-)
>
> I do, however, think t

Re: implement-file-posix-capabilities.patch

2007-06-23 Thread Andrew Morgan
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Serge,
[time passes]
I'm a little better up to speed on all the kernel now. I don't feel that I conceptually object so much to this patch-series any more :-)
I do, however, think the patch needs some work:
1) As previously discussed, fE should

Re: implement-file-posix-capabilities.patch

2007-06-21 Thread Serge E. Hallyn
Quoting Chris Wright ([EMAIL PROTECTED]):
> [folks, this is getting much too long-winded to stay a private thread]
>
> * Serge E. Hallyn ([EMAIL PROTECTED]) wrote:
> > Quoting Chris Wright ([EMAIL PROTECTED]):
> > > * Andrew Morgan ([EMAIL PROTECTED]) wrote:
> > > > I share Casey's view that what'