[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: POSIX capabilities patch

On Wed, Nov 12, 2003 at 07:35:05AM -0700, Hans Fugal wrote:
> So yes, it is broken on purpose (because the real solution is not in
> place). No, it doesn't make capabilities useless, it just makes it
> impossible to use CAP_SETPCAP.

And if i enable SETPCAP for init, will init drop that capability? Will it
pass it to all started programs?

If init by default drops this capability, I dont see a reason for the
default kernel to remove that capability. Well at least a command line
option should allow it and not recompile.

I mean, if it is so complicated to change this, it cant be right to enable
it :)

  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!

Reply to: