> The problem is, to get good semantics, there are a lot of repercussions
> which all need to be thought out. For instance, I now find that besides
> needing to store the true owner of the file in the headers, we also need
> to store the true value of the setuid bit, to determine whether the file
> actually executes as the owner or not. (group info is _not_ needed)
If you took a look at patch, you'd realize that this is already
done. 2 lines of c ;-).
Pavel
PS: Patch actually does not change semantics of almost anything:
Setuid root can do _anything_...
...which for example means it can volunteerily give up its
rights. What capelf does is that instead of dropping it at beggining
of main (which is doable _right now_), it drops them even sooner _AND_
external program like lscap can verify that it is really going to drop
privileges.
-- I'm really pavel@atrey.karlin.mff.cuni.cz. Pavel Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/