Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Sat, 2 Nov 2002 23:48:33 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Sat, 2 Nov 2002 23:48:33 -0500 Received: from neon-gw-l3.transmeta.com ([63.209.4.196]:27150 "EHLO neon-gw.transmeta.com") by vger.kernel.org with ESMTP id ; Sat, 2 Nov 2002 23:48:31 -0500 Date: Sat, 2 Nov 2002 20:54:45 -0800 (PST) From: Linus Torvalds To: Alexander Viro cc: Oliver Xymoron , Olaf Dietsche , "Theodore Ts'o" , Dax Kelson , Rusty Russell , , Subject: Re: Filesystem Capabilities in 2.6? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 900 Lines: 29 On Sat, 2 Nov 2002, Alexander Viro wrote: > > No, that's OK - > > mount --bind /usr/bin/foo.real /usr/bin/foo.real > mount -o remount,nosuid /usr/bin/foo.real Ehh. With the nosuid mount that will remove the effectiveness of the suid bit (not just the user change - it will also mask off the elevation of the capabilities), so the bind-mount with the capability mask will now mask off nothing to start with. Wouldn't it be much nicer to have: /usr/bin/foo - no suid bits, no capabilities by default mount --bind --capability=xx,yy /usr/bin/foo /usr/bin/foo where the mount actually adds capabilities? Looks more understandable to me. Linus - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/