Re: Filesystem Capabilities in 2.6?

Oliver Xymoron (oxymoron@waste.org)
Sat, 2 Nov 2002 22:10:55 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Linus Torvalds: "Re: Filesystem Capabilities in 2.6?"
Previous message: Alexander Viro: "Re: Filesystem Capabilities in 2.6?"

On Sat, Nov 02, 2002 at 09:00:38PM -0700, Dax Kelson wrote:
> On Sat, 2 Nov 2002, Oliver Xymoron wrote:
>
> > # mkcapwrap +net_raw ping.real
>
> Do you mean?
>
> # mkcapwrap +net_raw ping

Actually I meant:

# mkcapwrap +net_raw ping.real ping

..in keeping with ln(1).

> The wrapper needs to setuid/gid to the uid/gid that invokes it.

Generally, though there'd need to be an option to emulate, say, setgid
mail.

> Currently all capabilities are cleared when non-root app does a execp.
> This would need to be addressed.

Hrmm. I thought the inherit mask dealt with that.

-- 
 "Love the dolphins," she advised him. "Write by W.A.S.T.E.." 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: Filesystem Capabilities in 2.6?"
Previous message: Alexander Viro: "Re: Filesystem Capabilities in 2.6?"