Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1761603AbcLPOzr (ORCPT <rfc822;w@1wt.eu>);
        Fri, 16 Dec 2016 09:55:47 -0500
Received: from mail-wm0-f67.google.com ([74.125.82.67]:35466 "EHLO
        mail-wm0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1755331AbcLPOzi (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 16 Dec 2016 09:55:38 -0500
Subject: Re: RFC: capabilities(7): notes for kernel developers
To: Casey Schaufler <casey@schaufler-ca.com>,
        John Stultz <john.stultz@linaro.org>
References: <cdbc35f2-925e-aa65-98e7-a4ae4a5ded2c@gmail.com>
 <edb66332-86c9-6122-85c5-f856309cbfc1@schaufler-ca.com>
 <43dcc6dc-265b-5eaf-3a70-701e05200b9f@gmail.com>
 <9ed6371f-3d38-45b1-a85b-1fbb3e5b4fc7@schaufler-ca.com>
 <CALAqxLWr8+GpGG+geibKQqPxGHtPQbzYjEptjA4r+jNcRrMWvw@mail.gmail.com>
 <7a6b5f38-de8e-d8d4-e6f7-feae3f8d192e@schaufler-ca.com>
Cc: mtk.manpages@gmail.com, "Serge E. Hallyn" <serge@hallyn.com>,
        James Morris <jmorris@namei.org>, Kees Cook <keescook@chromium.org>,
        Andy Lutomirski <luto@amacapital.net>, Jann Horn <jann@thejh.net>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        linux-man <linux-man@vger.kernel.org>,
        linux-security-module <linux-security-module@vger.kernel.org>,
        lkml <linux-kernel@vger.kernel.org>
From: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>
Message-ID: <e8a6d266-9870-2591-576b-927208683b5d@gmail.com>
Date: Fri, 16 Dec 2016 15:55:35 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <7a6b5f38-de8e-d8d4-e6f7-feae3f8d192e@schaufler-ca.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1612
Lines: 45

On 12/16/2016 01:44 AM, Casey Schaufler wrote:
> On 12/15/2016 4:31 PM, John Stultz wrote:
>> On Thu, Dec 15, 2016 at 12:40 PM, Casey Schaufler
>> <casey@schaufler-ca.com> wrote:
>>> On 12/15/2016 11:41 AM, Michael Kerrisk (man-pages) wrote:
>>>> On 12/15/2016 05:29 PM, Casey Schaufler wrote:
>>>>> CAP_WAKE_ALARM could readily be CAP_TIME.
>>>> Actually, I don't quite understand what you mean with that sentence.
>>>> Could you elaborate?
>>> Should have said CAP_SYS_TIME
>>>
>>> Setting an alarm could be considered a time management function,
>>> depending on what it actually does.
>> Just a nit here. CAP_WAKE_ALARM is more about the privilege of waking
>> a system from suspend, while CAP_SYS_TIME covers the ability to set
>> the time. One wouldn't necessarily want to give applications which
>> could wake a system up the capability to also set the time.
> 
> Doesn't really matter, except that an ignorant developer
> might make the mistake I did and assume that WAKE_ALARM
> was somehow related to time management. If you want to use
> it as an example don't let my dunderheadedness get in your
> way.

Actually, I decided it wasn't such a good example anyway.
That capability could potentially be generic. (But it probably
should better have been named something like 'CAP_WAKE_SYSTEM'.)

>> thanks
>> -john
> 
> Again, thank you for taking this on. It should be a
> big help.

You're welcome. And thanks for your help, Casey.

Cheers,

Michael


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/