[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#82473: general: Please update policy to include information on capabilities

On Mon, Jan 15, 2001 at 06:41:23PM -0600, David Starner wrote:

> First, I think this should be a bug on policy, if anywhere.

True; my mistake. Originally I intended to complain on the general lack of
capability support in most packages as well, but later refrained from it.

I don't think I have the authority to reassing the report, do I?

> IMO, it would be much better if you wrote up something on how you think
> capabilities should be handled by Debian first, since this bug isn't going
> anywhere until some who knows and uses capabilities does just that.

I'm not an expert on capabilities myself; I'd rather someone with a better
understanding of the system wrote this 'something' up.

I can merely provide you with what I consider to be the most basic

- developers of packages that contain code running as root or code run at
system startup should familiarize themselves with the capability system

- package documentation should clearly state what capabilities are required
by what part of the package in which stage of operation

- security critical software (such as daemons) should provide a mechanism
for dropping certain capabilities after they are no longer needed

- especially startup scripts need to be audited for capability issues;
basically, the fewer capabilities a startup script needs, the better

I don't think these goals can be realized in the near future, but this is
what I believe would be sensible to aim for.


            Andrew Korn (Korn Andras) <korn@chardonnay.math.bme.hu>
             Finger korn@chardonnay.math.bme.hu for pgp key. QOTD:
                     Be alert. The world needs more lerts.

Reply to: