Re: Bug#82473: general: Please update policy to include information on capabilities
On Tue, Jan 16, 2001 at 10:07:16AM +0000, Julian Gilbey wrote:
> explained below, a proper proposal is needed, plus a whole discussion
> as to whether this is, indeed, the way to go. Does it need a certain
> version of the kernel, for example?
Yes, although I'm unsure whether this feature was introduced in 2.2 or
even earlier.
I agree that the capability stuff is probably not yet ready to be the basis
of a distribution, but educating developers would certainly have long-term
benefits and reduce the time it would take to get capability support
working, once the time is ripe.
Including a passage in the policy (or the packaging manual or whatever) to
the effect of "OK, there's this capability thing, we may move to better
support it later; if you're interested, this is where you can read more
about it: [URL]" certainly wouldn't hurt.
Capability support probably wouldn't affect most or even many packages, but
I think that security-critical programs would benefit from it greatly (e.g.
it would preemptively disable many exploits).
I'm neither prepared nor willing to argue this point: I merely sought to
draw your attention to a potential problem and offer a potential solution.
Take it or leave it.
Regards,
Andrew
Ps. I'm not subscribed to debian-devel.
--
Andrew Korn (Korn Andras) <korn@chardonnay.math.bme.hu>
Finger korn@chardonnay.math.bme.hu for pgp key. QOTD:
Perl: The only language that looks the same before and after RSA encryption.
Reply to: