Message-ID: <20060908160814.64210.qmail@web36612.mail.mud.yahoo.com>
Date: Fri, 8 Sep 2006 09:08:14 -0700 (PDT)
From: Casey Schaufler <casey@schaufler-ca.com>
Reply-To: casey@schaufler-ca.com
Subject: Re: patch to make Linux capabilities into something useful (v 0.3.1)
To: linux-kernel@vger.kernel.org
In-Reply-To: <20060908104550.GA920@elf.ucw.cz>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7BIT
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1117
Lines: 35


There is lots of talk regarding the interaction
between setuid and capabilities. While the
current semanitics that lack file system
support include (of necessity) interaction
the intent of the POSIX scheme completely
divorces the setuid mechanism from the
capability scheme. The intention on a system
that supports file system capabilities is
that the setuid bit is a ignored in the
capability calculation, allowing for a system
on which root is just another user. The
capability inheritance machanism is
complicated, but that is in support of
the ability to mark a program with a limited
set of privilege so that setuid root need
not be used.

Does anyone need a pointer to the POSIX
draft document? They include extensive if
somewhat disjointed rationale sections.

http://wt.tuxomania.net/publications/posix.1e/download.html


Casey Schaufler
casey@schaufler-ca.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/