Re: caps in elf, next itteration (the hack get's bigger)
Joseph Malicki (malicki.1@osu.edu)
Tue, 13 Apr 1999 16:04:14 -0400
On Tue, 13 Apr 1999, Theodore Y. Ts'o wrote:
> Date: Tue, 13 Apr 1999 12:31:14 -0400 (EDT)
> From: "David L. Parsley (lkml account)" <kparse@salem.k12.va.us>
>
> I'm curious, Dr. von Brand; have you considered stickybit + immutable? (as
> explained in my recent treatise to Richard ;-) It solves a lot of
> problems and gives us:
>
> That's actually the best alternative I've heard to date.
>
> I suppose you could simply make a capibility-enabled kernel ignore the
> setuid bit on setuid root executables that have no capabilities set. It
> still doesn't solve the problem which Stephen brought up which is that
> you might want an executable to be setuid to some userid (such as
> daemon) and yet still have capabilities. So the stickybit + immutable
> is probably the best alternative heard to date.
>
> - Ted
>
Since the main argument against capability metadata was nfs, and immutable
isn't exported over NFS, why not just make up a new Ext2 attribute for "check
capabilities"? This would also stop any weirdness for someone who happened to
set +ti for another reason. But anyway, how do other unix's which implement
capabilities do it? or are there even any other unixes which implement it?
Joseph Malicki
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/