Date: Fri, 8 Sep 2006 06:16:32 +0200
From: David Madore <david.madore@ens.fr>
To: "Serge E. Hallyn" <serue@us.ibm.com>
Cc: Linux Kernel mailing-list <linux-kernel@vger.kernel.org>
Subject: Re: patch to make Linux capabilities into something useful (v 0.3.1)
Message-ID: <20060908041632.GC24135@clipper.ens.fr>
References: <20060905212643.GA13613@clipper.ens.fr> <20060906182531.GA24670@sergelap.austin.ibm.com> <20060906222731.GA10675@clipper.ens.fr> <20060907000441.GA22240@clipper.ens.fr> <20060907230630.GA15538@sergelap>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20060907230630.GA15538@sergelap>
User-Agent: Mutt/1.5.9i
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1288
Lines: 29

On Thu, Sep 07, 2006 at 06:06:30PM -0500, Serge E. Hallyn wrote:
> I'm not sure reserving all 32 for 'regular' caps is the way
> to go, since we're about to overflow the 32 bits of sysadm caps
> already.  What about maybe 20 regular caps?

Yes, that could easily be arranged.  I've tried to be careful and
nowhere asssume that the regular caps were precisely numbers 32
through 63.

> No need to do this now for my sake, but if you repost these, doing so
> in 3 separate emails with the patches inline will make it more likely
> that people read them.

I'll do this now for version 0.4.2, which merges with your own
filesystem support.  I made one noteworthy change to your code, by the
way, which is to disable the "permitted" (=forced) set of capabilities
on executables whose filesystem is mounted nosuid: I think this is a
reasonable constraint, to avoid the attack where a luser mounts a usb
key with xattrs in the filesystem or something like that.

-- 
     David A. Madore
    (david.madore@ens.fr,
     http://www.madore.org/~david/ )
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/