I guess my position is that storing the capabilities of a file should be
done with inode attributes. Such support should ultimately reside within
the filesystem and be regulated by the kernel.
Y2K's patch as I understand it, is a filter that one can use to mask the
capabilities that a file would otherwise inadvertently inherit. In the
absence of filesystem support, and without access to the source code for
the program, I can see this as a useful feature, but no more so than the
execcap and sucap wrappers distributed with libcap (*). [I should
confess that Pavel's patch is not something I've examined closely.]
There already exists a patch to add VFS layer support to Linux 2.2 (*),
and I'll make sure it compiles with 2.3 . This patch provides some
module hooks (and I've made such a module available) to add effective
capability support for files under any filesystem. That said, this is
not something I want to see in 2.3 "just yet", as it has a few rough
edges and is missing mount/umount support.
I guess that's my comment.
Cheers
Andrew
(*) all this stuff is here:
2.2 support library:
ftp://linux.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.2/
Code I'm intending to submit for inclusion with 2.3 (but at this stage
is relative to 2.2)
and includes updated libraries and kernel patches for VFS support:
ftp://linux.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.3/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/