[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#514557: linux-image-2.6.26-1-686: File Capabilities no longer work for scripting languages

tags 514557 moreinfo
thanks

On Sun, Feb 08, 2009 at 10:34:26PM +0100, Torsten Werner wrote:
> Package: linux-image-2.6.26-1-686
> Version: 2.6.26-13
> Severity: normal
> 
> Hi,
> 
> 
> the section 'Transformation of Capabilities During execve()' of the man
> page capabilities(7) does no longer describe the current kernel
> behaviour when it comes to python scripts or other scripting languages.
> It was correct with older version of 2.6.26. I do not understand the
> rationale behind such a change because it forces us to go back to good
> old (secure???) sudo instead of using file capabilities. Currently I see
> 3 ways to solve the problem:
> 
> 1. restore the old behaviour
> 
> 2. make the kernel behaviour configurable in some way
> 
> 3. fix the manpage at least

Can you elaborate on the difference in behaviour you're seeing? Does
it still occur with 2.6.32?

Cheers,
        Moritz
Reply to: