
Re: Preparing Debian for using capabilities: file ownership.

Previously Nicolás Lichtmaier wrote:
>  That's not true, capabilities can be handled with system calls. A daemon
> may drop all capabilities except the one needed to bind to privileged ports.
> But the daemon would still be run with UID 0, and be able to modify/access
> any root owned file in the system.

Granted. Applications should still be able to run on kernels without
capabilities until woody+1 at least imho. I still get bug reports
reasonably frequently from people using 2.0 kernels, and I expect people
will continue to use them for quite some time.

>  Capabilities are the future of security in Linux. Capabilities are
> supported in the kernel Debian is now shipping with potato. FS support will
> surely be one of the first things added to 2.5.

I'm not so sure. Actually I'm sure it won't be one of the first things:
capabilities will probably be done as part of a more general attributes
change, and I don't remember seeing a solid and accepted proposal for
that yet.


 / Generally uninteresting signature - ignore at your convenience  \
| wichert@liacs.nl                    http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |
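
The exchange above, as an added example that is not part of either poster's message or of any Debian package: a daemon start-up routine that keeps only the capability needed to bind privileged ports, also leaves UID 0 so root-owned files stop being writable, and reports when the kernel has no capability support so the caller can fall back. The function names and the UID/GID 65534 are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/capability.h>

/* Build a 64-bit (v3) capability set holding only `cap`. */
static void only_cap(struct __user_cap_data_struct d[2], int cap)
{
    memset(d, 0, 2 * sizeof d[0]);              /* nothing inheritable */
    d[CAP_TO_INDEX(cap)].permitted = CAP_TO_MASK(cap);
    d[CAP_TO_INDEX(cap)].effective = CAP_TO_MASK(cap);
}

/* Hypothetical helper. Returns 0 when the process now runs as uid/gid with
 * only CAP_NET_BIND_SERVICE, 1 when the kernel lacks capability support
 * (nothing was changed; the caller binds as root, then calls setuid()
 * itself), -1 on any other error (the caller should exit). */
int drop_to_bind_only(uid_t uid, gid_t gid)
{
    struct __user_cap_header_struct h = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2];

    if (geteuid() != 0) { errno = EPERM; return -1; }
    /* Keep the permitted set across the UID change below. */
    if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) != 0)
        return (errno == ENOSYS || errno == EINVAL) ? 1 : -1;
    /* Leave UID 0 so root-owned files are no longer writable by us. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Shrink permitted to one capability and raise it in effective. */
    only_cap(d, CAP_NET_BIND_SERVICE);
    if (syscall(SYS_capset, &h, d) != 0)
        return -1;
    return 0;
}

int main(void)
{
    /* 65534 is a constructed example UID/GID (commonly "nobody"). */
    int r = drop_to_bind_only(65534, 65534);
    printf("drop_to_bind_only: %d (%s)\n", r, r < 0 ? strerror(errno) : "ok");
    return r < 0;
}
```
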
