Re: intent to package libcap

[dichro-fb8a3ca3@eris.rcpt.to (Mikolaj J. Habryn)]

>>>>> "JHMD" == J H M Dassen <jdassen@wi.leidenuniv.nl> writes:

    JHMD> What's the other?

  BSD(like) - it specifically states:

ALTERNATIVELY, this product may be distributed under the terms of the
GNU General Public License, in which case the provisions of the GNU
GPL are required INSTEAD OF the above restrictions.  (This clause is
necessary due to a potential conflict between the GNU GPL and the
restrictions contained in a BSD-style copyright.)

    JHMD> BTW, can you provide a URL for an introduction to the
    JHMD> capabilities stuff?

  http://www.guug.de/~winni/posix.1e/

  Note that the capabilities stuff is presently an academic
exercise. Currently capabilities are effectively meaningless to
non-root processes (they are irrevocably lost upon setuid away from
root or an exec). So, while you can remove privileges from root, you
can't, unfortunately, remove fundamental things like r/w access to
root owned files (at least, there doesn't appear to be a way to do
it).

  I wrote a patch that allows non-root processes to inherit
privileges, but I'm not sure what else it breaks, and I've yet to hear 
back from the author about it.

m.