Re: ext3 to include capabilities?

Fred Reimer (Fred.Reimer@bellsouth.net)
Tue, 6 Apr 1999 15:33:09 -0400

From: Matthew Kirkwood <weejock@ferret.lmh.ox.ac.uk>
> On Fri, 2 Apr 1999, Pavel Machek wrote:
> > > > 1. Put capabilities information in the executable header.
> > > > 2. Mark the executable setuid root.
> > > > 3. Have the kernel check for #1 if #2, and prefer #1 if present.
> > Old security scripts program has root privileges. It is wrong, it has
> > only subset. But it is wrong _the right way_. Old scripts still see
> > the "bad scenario".
> > It is no-loose situation.
> It's a no-lose situation until you start using the new features to add
> privileges which weren't there in the first place.

But why would you go back to an older kernel if you are using all this great
functionality? Similarly, is anyone using the ext filesystem? I didn't
think it was even maintained anymore. Why would you begin to rely on the
great new features in ext2 if you can't use them in ext? (I don't actually
know what the differences are, but figured everyone else does so it would be
a good comparison). Why would you want to use the new threads or clone
system call? You sure can't run programs that rely on it on a 0.96 kernel!

Needless to say, I don't think this is a very persuasive argument...

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/