Re: Bug#82473: general: Please update policy to include information on capabilities

["KORN Andras" <korn@chardonnay.math.bme.hu>]

On Tue, Jan 16, 2001 at 10:07:16AM +0000, Julian Gilbey wrote:

> explained below, a proper proposal is needed, plus a whole discussion
> as to whether this is, indeed, the way to go.  Does it need a certain
> version of the kernel, for example?

Yes, although I'm unsure whether this feature was introduced in 2.2 or
even earlier.

I agree that the capability stuff is probably not yet ready to be the basis
of a distribution, but educating developers would certainly have long-term
benefits and reduce the time it would take to get capability support
working, once the time is ripe.

Including a passage in the policy (or the packaging manual or whatever) to
the effect of "OK, there's this capability thing, we may move to better
support it later; if you're interested, this is where you can read more
about it: [URL]" certainly wouldn't hurt.

Capability support probably wouldn't affect most or even many packages, but
I think that security-critical programs would benefit from it greatly (e.g.
it would preemptively disable many exploits).

I'm neither prepared nor willing to argue this point: I merely sought to
draw your attention to a potential problem and offer a potential solution.
Take it or leave it.

Regards,

Andrew

Ps. I'm not subscribed to debian-devel.

-- 
            Andrew Korn (Korn Andras) <korn@chardonnay.math.bme.hu>
             Finger korn@chardonnay.math.bme.hu for pgp key. QOTD:
 Perl: The only language that looks the same before and after RSA encryption.