Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Tue, 29 Oct 2002 06:29:31 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Tue, 29 Oct 2002 06:29:31 -0500 Received: from ns.suse.de ([213.95.15.193]:40452 "EHLO Cantor.suse.de") by vger.kernel.org with ESMTP id convert rfc822-to-8bit; Tue, 29 Oct 2002 06:29:30 -0500 Content-Type: text/plain; charset=US-ASCII From: Andreas Gruenbacher Organization: SuSE Linux AG To: Olaf Dietsche Subject: Re: [PATCH][RFC] 2.5.44 (1/2): Filesystem capabilities kernel patch Date: Tue, 29 Oct 2002 12:35:51 +0100 User-Agent: KMail/1.4.3 Cc: linux-kernel@vger.kernel.org, Chris Evans , Ulrich Drepper , Pavel Machek References: <200210290323.09565.agruen@suse.de> <87n0oxmrhn.fsf@goat.bogus.local> In-Reply-To: <87n0oxmrhn.fsf@goat.bogus.local> MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Message-Id: <200210291235.51299.agruen@suse.de> Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1401 Lines: 30 On Tuesday 29 October 2002 12:09, Olaf Dietsche wrote: > Andreas Gruenbacher writes: > > A perhaps unrelated note: We once had Pavel Machek's elfcap > > implementation, in which capabilities were stored in ELF. This was a bad > > idea because being able to create executables does not imply the user is > > capable of CAP_SETFCAP, and users shouldn't be able to freely choose > > their capabilities :-] We still want > > I remember this hack and since I hear this claim every now and then, I > downloaded his patch and verified with the source. Pavel's capability > patch was about _restricting_ not granting capabilities, so it's more > like an inheritable, rather than a permitted, set. > > At least that was his intention. I didn't verify this with the > appropriate kernel sources from 1999. I forgot to CC Pavel the last time. Elfcap probably truly was restrictive only. This is comparable to dropping capabilities very early in the suid root binaries themselves, and thus not a significant improvement. We want to be able to also grant capabilities (not only restrict them), so we may have fewer suid root binaries. --Andreas. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/