Re: understanding Linux capabilities brokenness

From: David Wagner
Date: Mon Aug 08 2005 - 18:54:13 EST


David Madore wrote:
>This does not tell me, then, why CAP_SETPCAP was globally disabled by
>default, nor why passing of capabilities across execve() was entirely
>removed instead of being fixed.

I do not know of any good reason. Perhaps the few folks who knew enough
to fix it properly didn't feel like bothering; it beats me.

Messing with capabilities is scary. As far as I can tell, there never was
any coherent "design" to the semantics of POSIX capabilities in Linux.
It's had a little bit of a feeling of a muddle of accumulated gunk,
so unless you understand it really well, it's hard to know whether any
changes you make are safe. This may have scared people away from fixing
it "the right way". But if you're volunteering to do the analysis and
figure out how to fix it, I say, sounds good to me.

Then again, I'm an outsider. Perhaps someone more involved in the
development and maintenance of capabilities knows something that I don't.