Fedora 11: moving to posix file capabilities?

Joe Nall joe at nall.com
Wed Oct 29 12:27:51 UTC 2008


On Oct 29, 2008, at 5:37 AM, Panu Matilainen wrote:

>
> Hate to interrupt the tty1 vs tty7 debate but...
>
> We have kernel support for storing capabilities on filesystem since  
> 2.6.24 and recent libcap, both in F9 already. I just committed file  
> capability support to rpm.org HEAD, filling in the final(?) missing  
> piece. Capability support is not going to be in rpm 4.6.0 but no  
> reason they can't be pulled into 4.6.1 which is easily in F11  
> timeframe.
>
> Are we ready to start considering moving away from SUID bits to  
> capabilities, in Fedora 11 maybe?

Not until this bug is fixed :)

prelink erases file-based capabilities

https://bugzilla.redhat.com/show_bug.cgi?id=456105

joe




More information about the fedora-devel-list mailing list