Re: Filesystem Capabilities in 2.6?

Andreas Gruenbacher (agruen@suse.de)
Tue, 5 Nov 2002 16:05:47 +0100

On Tuesday 05 November 2002 15:48, Olaf Dietsche wrote:
> Andreas Gruenbacher <agruen@suse.de> writes:
> > On Friday 01 November 2002 19:32, Dax Kelson wrote:
> >> With FS capabilities we (Linux) can have the same situation. Security
> >> is a hot topic, and anything the kernel can do make security
> >> better/easier seems worthy of consideration.
> >
> > We have little experience with full blown capability enabled systems.
> > Rushing
>
> And it will stay that way, if we don't start now.
>
> > things doesn't seem like a good idea. IMO we should wait until vendors
> > have integrated FS caps before adding this to the standard kernel.
>
> Fact is, we have a capability enabled system for quite some time. It's
> just not making any progress regarding fs caps.

> But I must admit, that it may not be the time to include them into
> the mainstream kernel.

This was my point. After this discussion I am sure the patch won't be merged
for 2.6 anyway.

[...]

> BTW, it's really amazing how many people argue _against_ and how few
> are working _for_ fs capabilities. And it's not that anybody has shown
> real arguments against. Mostly uneasy fealings, eventual scenarios and
> bashing of stupid vendors and foolish sysadmins. This might score some
> points here and there, but it is not really helpful.

Several pros and cons were brought up. In the end all that counts is whether
the pros are big enough to warrant the cons.

--Andreas.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/