David> With cap support directly in the FS, it won't work across NFS,
David> or after a cp, tar, cpio, what have you without modifying all
David> these tools. It also won't work on any other fs without cap
David> support. (of course) This solution has the nice property of
David> working _now_, (well, pending code obviously) and having great
David> compatibility with current Linux code.
The content of executable files never carried around special
privileges in Unix, they are always stored in metadata. And never
are such privileges carelessly copied around. Transfer of
privileges needs careful considerations and itself special
privileges. For example even if you can read /bin/login as a
normal user you can not copy its privilege with the file
content. The only reasonable approach is that all tools and
transfer protocols, that are not aware of capabilities, erase all
capabilities by default. This means that default behavior of
system calls (open,creat etc.) has to be set accordingly. This
also means that transfer protocols (NFS), that are not aware of
capabilities, do not transfer capabilities.
-- home email: user@domain where domain=berlin.snafu.de, user=zahn Use of my address for unsolicited commercial advertising is forbidden. 2^3021377 - 1 | "Where do you want to crash today?"
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to email@example.com Please read the FAQ at http://www.tux.org/lkml/