>>> Not that I really care one way or the other about capabilities,
>>> just wondering if anyone has really thought this through before
>>> posting "it's up to the interpreter"
>> {Shrug} Perhaps somebody can suggest some way that capabilities
>> can have meaning for a script, any script if it comes to that?
> My inclination is that if a script needs capabilities, you
> should use a wrapper executable. I don't like setuid scripts, I
> don't like set-capability scripts for the same reason.
I've always agreed with the BugTrax comment I saw aeons ago that
pointed out that scripts are subject to so many security holes that
they should NEVER be given extra facilities. For this reason, I have
no sympathy at all with any argument for giving extra rights to
scripts in ANY circumstances, and certainly I've yet to meet a valid
reason for doing so...
Best wishes from Riley.
+----------------------------------------------------------------------+
| There is something frustrating about the quality and speed of Linux |
| development, ie., the quality is too high and the speed is too high, |
| in other words, I can implement this XXXX feature, but I bet someone |
| else has already done so and is just about to release their patch. |
+----------------------------------------------------------------------+
* ftp://ftp.MemAlpha.cx/pub/rhw/Linux
* http://www.MemAlpha.cx/kernel.versions.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/