Re: Filesystem Capabilities in 2.6?

From: Oliver Xymoron (oxymoron@waste.org)
Date: Sat Nov 02 2002 - 23:10:55 EST

Next message: Linus Torvalds: "Re: Filesystem Capabilities in 2.6?"
Previous message: Alexander Viro: "Re: Filesystem Capabilities in 2.6?"
In reply to: Dax Kelson: "Re: Filesystem Capabilities in 2.6?"
Next in thread: Olaf Dietsche: "Re: Filesystem Capabilities in 2.6?"
Reply: Olaf Dietsche: "Re: Filesystem Capabilities in 2.6?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Nov 02, 2002 at 09:00:38PM -0700, Dax Kelson wrote:
> On Sat, 2 Nov 2002, Oliver Xymoron wrote:
>
> > # mkcapwrap +net_raw ping.real
>
> Do you mean?
>
> # mkcapwrap +net_raw ping

Actually I meant:

# mkcapwrap +net_raw ping.real ping

..in keeping with ln(1).

> The wrapper needs to setuid/gid to the uid/gid that invokes it.

Generally, though there'd need to be an option to emulate, say, setgid
mail.

> Currently all capabilities are cleared when non-root app does a execp.
> This would need to be addressed.

Hrmm. I thought the inherit mask dealt with that.

-- 
 "Love the dolphins," she advised him. "Write by W.A.S.T.E.." 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: Filesystem Capabilities in 2.6?"
Previous message: Alexander Viro: "Re: Filesystem Capabilities in 2.6?"
In reply to: Dax Kelson: "Re: Filesystem Capabilities in 2.6?"
Next in thread: Olaf Dietsche: "Re: Filesystem Capabilities in 2.6?"
Reply: Olaf Dietsche: "Re: Filesystem Capabilities in 2.6?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Nov 07 2002 - 22:00:28 EST