Re: socket-based activation has unmaintainable security?
Quoting Jonathan Dowland (jmtd@debian.org):
> On 6 Feb 2013, at 17:37, Andrey Rahmatullin <wrar@wrar.name> wrote:
>
> > Do we finally have mechanisms to start processes without root but with
> > elevated capabilities?
>
> We also need fallback for non Capability-capable supported kernels
> (wow that's an awkward sentence)
Not to mention non-xattr-backed filesystems.
Every time I've been in a discussion like this, that ends up being
the reason not to pursue it.
-serge
Reply to: