Re: [PATCH] Capabilities, this time in elf section

Ernest JW ter Kuile (terkuile@KVI.nl)
Fri, 09 Apr 1999 21:32:15 +0200


Ingo Molnar wrote:
>
> i never said that setuid _nonroot_ should change. We obviously need it for
> things like mail delivery, it's a feature. What i proposed was to handle
> setuid root (and only setuid root) slightly differently. [since setuid
> root is exactly the thing we want to redesign/replace by capabilities] Do
> you see my point?
>
> -- mingo

Why not allow any user with some capabilities (he *is* supposed to be
responsible if he has them) to generate a binary with one or more
capabilities associated. Anyone allowed to run this would then have
that capability (only inside the context of that binary, of course).

That user can actually add any or even all existing capabilities to his
binary; however, only those the owner actually *can* set will be
active.

Setting the setuid bit would then only tell the system to become the
owner, and then set the current capabilities by and-ing owner
capabilities and capabilities from the executable.

This is actually a generalisation of the root-only thing, as you want to
restrict root anyway later on, which would make necessary a file
somewhere containing what root is allowed to do. Once you have that file,
you can rename root to User-allowed-to-do-disk-things,
User-allowed-to-do-mail-things, User-allowed-to-bother-people, etc....

It's just the 'only root' thing I don't like. Again, we are supposed
to remove/reduce root in the future.

Ernest.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
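The scheme Ernest sketches (a capability set stored with the executable, a per-user set of capabilities the owner may hold, and the setuid bit deciding only whose identity the process takes) can be modelled in a few lines. The block below is an added example written for this page, not code from the thread, from the patch under discussion, or from the kernel; the capability names, the struct layouts and the sample accounts are all constructed for illustration and do not follow the kernel's CAP_* numbering. It shows the one property the proposal relies on: a binary can ask for any capability, but nothing beyond what its owner is allowed to hold ever becomes active, and the caps that were requested but masked can be reported for audit.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/* Capability bits for this model only; assumed names, not the kernel's CAP_* numbering. */
enum {
    CAP_DISK = 1u << 0,
    CAP_MAIL = 1u << 1,
    CAP_NET  = 1u << 2,
    CAP_KILL = 1u << 3,
};

struct user   { unsigned uid; uint32_t caps; };                    /* caps this account may hold */
struct binary { unsigned owner_uid; uint32_t caps; int setuid; };  /* caps in the ELF section + mode bit */
struct proc   { unsigned uid; uint32_t caps; };                    /* credentials of the running process */

/* Active set after exec: the executable's set AND-ed with what its owner may hold. */
uint32_t effective_caps(uint32_t owner_caps, uint32_t file_caps)
{
    return owner_caps & file_caps;
}

/* Caps the binary asks for that its owner cannot grant; non-zero is worth flagging on audit. */
uint32_t masked_caps(uint32_t owner_caps, uint32_t file_caps)
{
    return file_caps & ~owner_caps;
}

/* The setuid bit only selects whose identity the process takes; it grants no extra caps. */
unsigned exec_uid(unsigned caller_uid, unsigned owner_uid, int setuid)
{
    return setuid ? owner_uid : caller_uid;
}

/* Credentials of the new process under the proposed rules (model only). */
struct proc model_exec(const struct proc *caller, const struct user *owner, const struct binary *bin)
{
    struct proc p;
    assert(bin->owner_uid == owner->uid);   /* the file's owner is the account consulted */
    p.uid  = exec_uid(caller->uid, owner->uid, bin->setuid);
    p.caps = effective_caps(owner->caps, bin->caps);
    return p;
}

int main(void)
{
    /* Constructed sample: a mail account that may hold CAP_MAIL and CAP_NET only. */
    struct user   mail_user = { 8, CAP_MAIL | CAP_NET };
    /* Its delivery binary asks for everything and has the setuid bit set. */
    struct binary deliver   = { 8, CAP_DISK | CAP_MAIL | CAP_NET | CAP_KILL, 1 };
    struct proc   caller    = { 1000, 0 };

    struct proc after = model_exec(&caller, &mail_user, &deliver);
    printf("uid=%u caps=0x%x masked=0x%x\n", after.uid, after.caps,
           masked_caps(mail_user.caps, deliver.caps));
    return 0;
}
```

In the sample run the process becomes uid 8 with only CAP_MAIL and CAP_NET active, while CAP_DISK and CAP_KILL are reported as masked. The model deliberately covers only what the message states: it says nothing about how the caller's own capabilities combine with the file's, which the proposal leaves open.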