Re: POSIX capabilities patch
In article <[🔎] 20031115234809.GB3347@wonderland.linux.it>,
Marco d'Itri <md@Linux.IT> wrote:
>On Nov 15, Miquel van Smoorenburg <miquels@cistron.nl> wrote:
>
> >>Sorry: http://www.linux.it/~md/software/ssd.tgz .
> >
> >Should that go into /sbin/init itself, so that you can boot with
> >initcaps=eip,cap_setpcap+eip on the command line ? Or is it still
> >too early to put that into init upstream ?
>I don't know. It was a quick hack I made because I wanted to play with
>capabilities. I suppose that there is a reason if whoever designed this
>did not allow normal programs to raise capabilities.
That is what I mean. If the capability stuff was production-ready,
the kernel would use other default settings I guess. On the
other hand, with the default settings as they are now, nobody
is going to use it and it will never be production-ready.
> >I assume init then has to link against libcap or something.
>No, it's not needed.
Okay, so the capability stuff is indeed not ready for production use.
Mike.
--
"Sinds zij Katja en Bridget bij Balkenende zijn geweest is het
bloed niet teruggekeerd in zijn hersens" -- Raoul Heertje.
Reply to: