Bug#514557: linux-image-2.6.26-1-686: File Capabilities no longer work for scripting languages
tags 514557 moreinfo
thanks
On Sun, Feb 08, 2009 at 10:34:26PM +0100, Torsten Werner wrote:
> Package: linux-image-2.6.26-1-686
> Version: 2.6.26-13
> Severity: normal
>
> Hi,
>
>
> the section 'Transformation of Capabilities During execve()' of the man
> page capabilities(7) does no longer describe the current kernel
> behaviour when it comes to python scripts or other scripting languages.
> It was correct with older version of 2.6.26. I do not understand the
> rationale behind such a change because it forces us to go back to good
> old (secure???) sudo instead of using file capabilities. Currently I see
> 3 ways to solve the problem:
>
> 1. restore the old behaviour
>
> 2. make the kernel behaviour configurable in some way
>
> 3. fix the manpage at least
Can you elaborate on the difference in behaviour you're seeing? Does
it still occur with 2.6.32?
Cheers,
Moritz
Reply to: