Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756201AbbBCRaA (ORCPT ); Tue, 3 Feb 2015 12:30:00 -0500 Received: from h2.hallyn.com ([78.46.35.8]:43665 "EHLO h2.hallyn.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756088AbbBCR36 (ORCPT ); Tue, 3 Feb 2015 12:29:58 -0500 Date: Tue, 3 Feb 2015 18:29:56 +0100 From: "Serge E. Hallyn" To: Christoph Lameter Cc: "Serge E. Hallyn" , Andy Lutomirski , Serge Hallyn , Casey Schaufler , Serge Hallyn , Jonathan Corbet , Aaron Jones , "Ted Ts'o" , LSM List , "linux-kernel@vger.kernel.org" , Andrew Morton Subject: Re: [capabilities] Allow normal inheritance for a configurable set of capabilities Message-ID: <20150203172956.GA4860@mail.hallyn.com> References: <54CFB9B8.8020701@schaufler-ca.com> <20150202180806.GE24351@ubuntumail> <20150203154651.GC2923@mail.hallyn.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 819 Lines: 19 Quoting Christoph Lameter (cl@linux.com): > On Tue, 3 Feb 2015, Serge E. Hallyn wrote: > > > So again I think the pA seems like an elegant way to work around this. > > I'm interested in other ideas, but I worry about the proc solution Christoph > > proposed because it would be system- or namespace-wide, rather than > > per-process. > > Ok can we have a patch that realizes this? Maybe only a rough one? I can't work on one today, but if noone else gets to it I'd like to try to get to it later this week. Would be good to have patches for both approaches, to compare. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/