Re: Preparing Debian for using capabilities: file ownership.

To: debian-policy@lists.debian.org
Subject: Re: Preparing Debian for using capabilities: file ownership.
From: Wichert Akkerman <wichert@cistron.nl>
Date: Sat, 23 Sep 2000 00:30:38 +0200
Message-id: <[🔎] 20000923003038.A1146@cistron.nl>
Mail-followup-to: Wichert Akkerman <wichert@cistron.nl>, debian-policy@lists.debian.org
In-reply-to: <[🔎] 20000922192313.D4682@debian.org>; from nick@debian.org on Fri, Sep 22, 2000 at 07:23:13PM -0300
References: <[🔎] 20000920222406.B426@debian.org> <[🔎] 20000921135003.A15461@cistron.nl> <[🔎] 20000922184402.B4682@debian.org> <[🔎] 20000923000951.B31552@cistron.nl> <[🔎] 20000922192313.D4682@debian.org>

Previously Nicolás Lichtmaier wrote:
>  Yes, you are right, I was probably too optimisitic with that. But, perhaps,
> the "general change" will be the modification of EXT2 to support "resource
> forks", but the needed changes in the VFS are probably small, and perhaps,
> one of those new filesystems will include capabilities before ext2 does...

I wonder if you're read linux-kernel recently, resource forks definitely
will never be part of (mainstream) Linux. Nasty evil things!

The changes to the VFS will probably be minimal, but they do require
people agree on a flexible way to handle all kinds of attributes without
tieing things down to a single (or even the set of currently existing) 
filesystem(s).

> But anyway, capabilities are useable without fs support.

Definitely. Some daemons like proftpd already use them.

Also, keep in mind that the set of capilities differs between 2.2 and
2.4 kernels if memory serves me correctly, and people are still looking
at making sure the current set is an optimal one. (Fun assignment: see
which capabilities can lead to root access. It turns out to be a
surprisingly large set).

Wichert.

-- 
   ________________________________________________________________
 / Generally uninteresting signature - ignore at your convenience  \
| wichert@liacs.nl                    http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Reply to:

Follow-Ups:
- Re: Preparing Debian for using capabilities: file ownership.
  - From: Nicolás Lichtmaier <nick@debian.org>
- Re: Preparing Debian for using capabilities: file ownership.
  - From: John Lines <john@paladin.demon.co.uk>
- Re: Preparing Debian for using capabilities: file ownership.
  - From: Britton <fsblk@aurora.uaf.edu>

References:
- Preparing Debian for using capabilities: file ownership.
  - From: Nicolás Lichtmaier <nick@debian.org>
- Re: Preparing Debian for using capabilities: file ownership.
  - From: Wichert Akkerman <wichert@cistron.nl>
- Re: Preparing Debian for using capabilities: file ownership.
  - From: Nicolás Lichtmaier <nick@debian.org>
- Re: Preparing Debian for using capabilities: file ownership.
  - From: Wichert Akkerman <wichert@cistron.nl>
- Re: Preparing Debian for using capabilities: file ownership.
  - From: Nicolás Lichtmaier <nick@debian.org>

Prev by Date: Re: Preparing Debian for using capabilities: file ownership.
Next by Date: Re: Preparing Debian for using capabilities: file ownership.
Previous by thread: Re: Preparing Debian for using capabilities: file ownership.
Next by thread: Re: Preparing Debian for using capabilities: file ownership.
Index(es):
- Date
- Thread