Date: Fri, 3 Nov 2006 17:57:30 +0100
From: chris friedhoff <chris@friedhoff.org>
To: serue@us.ibm.com
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/1] security: introduce fs caps
Message-Id: <20061103175730.87f55ff8.chris@friedhoff.org>
Reply-To: 20060906182719.GB24670@sergelap.austin.ibm.com
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1131
Lines: 32

The patch applies cleanly , compiles and runs smoothly against 2.6.18.1.

I'm running slackware-current with a 2.6.18.1 kernel on an ext3
filesystem.

Background why I use the patch:
With 2.6.18 to create a tuntap interface CAP_NET_ADMIN is required.
Qemu uses tuntap to create a tap interface as a virtual net interface.
Instead now running qemu with root privileges to give it the right
to create a tap interface, i granted qemu with the help of the patch and
Kaigai Kohei's userspace tools the cap-net_admin capability. So qemu
runs again without root privilege but has now the right to create the
tap interface.

Thanks for the patch. It reduces my the need of suid-bit progs.
It should be given a spin in -mm.

I will document my experiences on http://www.friedhoff.org/fscaps.html


Chris

please cc me on my email-address

--------------------
Chris Friedhoff
chris@friedhoff.org
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/