[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: socket-based activation has unmaintainable security?

On Wed, Feb 06, 2013 at 12:30:28PM -0600, Serge Hallyn wrote:
> > > Do we finally have mechanisms to start processes without root but with
> > > elevated capabilities?
> > We also need fallback for non Capability-capable supported kernels
> > (wow that's an awkward sentence)
> Not to mention non-xattr-backed filesystems.
xattrs is only one of possible mechanisms but as we don't have it either,
its shortcomings are probably not worth mentioning.


Attachment: signature.asc
Description: Digital signature

Reply to: