"Theodore Y. Ts'o" wrote:
>
> Date: Thu, 10 Feb 2000 20:13:42 +0000 (GMT)
> From: Matthew Kirkwood <weejock@ferret.lmh.ox.ac.uk>
>
> [0] My thinking is somewhat slow today, but as I recall the
> fs caps implementation wants to include all three sets,
> yes?
>
> In the later POSIX drafts, I believe the fs capability sets have been
> dropped down to two, "allowed" and "forced".
The last Draft published (16) and the final version which was
withdrawn (17) have three capability sets:
inheritable - what can be passed on
permitted - what the process can request and get
effective - what the process gets on exec
These sets are exactly the same as what a process has. The calculation
of the capability set on exec is designed to allow proper capability
assignment for both capability aware and capability ignorant programs.
The Draft may be obtained from:
http://www.guug.de/~winni/posix.1e/download.html
it may be the last great troff document.
--Casey Schaufler Manager, Trust Technology, SGI casey@sgi.com voice: (650) 933-1634
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Feb 15 2000 - 21:00:27 EST