[RFC] linux-2.6.10-auditfs-tc1.patch

Steve Grubb sgrubb at redhat.com
Mon Jan 24 18:29:49 UTC 2005


On Monday 24 January 2005 11:57, Casey Schaufler wrote:
> If I have 6 capabilities but only need one
> of them to perform an action the process list
> does not identify the policy that is being
> overridden.

Maybe this is a wording issue. In Linux, you start with capabilities and lose 
them. You cannot override.

> If I need 2 capabilities but only 
> have one, the one that I don't have but needed
> needs to be pointed out. 

I can see this being useful when writing software, but production systems 
should have the capabilities set correctly at installation.

> The capabilities required to perform an action will not 
> be sent in concrete. For example, accessing
> /a/file may require different capabilities depending on 
> the mode of /a.

We are talking about posix capabilities, right? They are bound to a process 
and enforced on a syscall by the kernel. That *is* cast in concrete unless 
you hack the kernel sources.

-Steve




More information about the Linux-audit mailing list