[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: Fedora 11: moving to posix file capabilities?
- From: Steve Grubb <sgrubb redhat com>
- To: fedora-devel-list redhat com
- Cc: Chris Adams <cmadams hiwaay net>
- Subject: Re: Fedora 11: moving to posix file capabilities?
- Date: Sat, 1 Nov 2008 10:14:22 -0400
On Friday 31 October 2008 21:41:50 Chris Adams wrote:
> Would it be possible to implement capabilities in a backwards compatible
> fashion? For example, still have e.g. /bin/ping setuid-root, but also
> have capabilities assigned, and have the capabilities override
> setuid-root (if capabilities are assigned the setuid/setgid bits are
> ignored).
This is an interesting idea. I haven't tested to see which one overrides, but
I think this would be a good backwards compatible solution. Might take a
kernel patch to fix, but worth looking into.
Thanks,
-Steve
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]