Re: [PATCH] [request for inclusion] Realtime LSM

From: Olaf Dietsche
Date: Wed Jan 05 2005 - 15:14:06 EST

Next message: Jurriaan on adsl-gate: "Re: Linux 2.6.10-rc3-bk15 hanged under high load (i386)"
Previous message: Jan-Frode Myklebust: "panic - Attempting to free lock with active block list"
In reply to: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrew Morton <akpm@xxxxxxxx> writes:

> Alan Cox <alan@xxxxxxxxxxxxxxxxxxx> wrote:
>>
>> Can we use capabilities
>
> capabilities don't work :(
>
> http://www.uwsg.iu.edu/hypermail/linux/kernel/0404.0/0502.html

Capabilities don't work, because of missing filesystem
capabilities. If you have them, it's a question of setting the
appropriate permitted, inheritable and effective capability sets.

I didn't follow the whole thread. But if you want to grant
capabilities on a per user/group basis, may I suggest accessfs user
based capabilities, for example? :-)

Regards, Olaf.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jurriaan on adsl-gate: "Re: Linux 2.6.10-rc3-bk15 hanged under high load (i386)"
Previous message: Jan-Frode Myklebust: "panic - Attempting to free lock with active block list"
In reply to: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]