Re: Filesystem Capabilities in 2.6?

Andreas Gruenbacher (agruen@suse.de)
Tue, 5 Nov 2002 05:14:53 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Skip Ford: "Re: Linux v2.5.46"
Previous message: Werner Almesberger: "Re: [PATCH] Module loader against 2.5.46: 8/9"

On Friday 01 November 2002 19:32, Dax Kelson wrote:
> On Fri, 2002-11-01 at 01:49, Rusty Russell wrote:
> > I'm down to 8 undecided features: 6 removed and one I missed earlier.
>
> How about Olaf Dietsche's filesystem capabilities support? It has been
> posted a couple times to LK, yesterday even.
>
>
> We've had capabilities for ages (2.2?) but no filesystem support.
>
> OpenBSD is recently bragging about no longer having any SUID root
> binaries on the system.
>
> With FS capabilities we (Linux) can have the same situation. Security
> is a hot topic, and anything the kernel can do make security
> better/easier seems worthy of consideration.

We have little experience with full blown capability enabled systems. Rushing
things doesn't seem like a good idea. IMO we should wait until vendors have
integrated FS caps before adding this to the standard kernel.

--Andreas.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Skip Ford: "Re: Linux v2.5.46"
Previous message: Werner Almesberger: "Re: [PATCH] Module loader against 2.5.46: 8/9"