Quoting Christoph Lameter (c...@linux.com): > On Tue, 3 Feb 2015, Serge E. Hallyn wrote: > > > We've currently got two proposals. (Three includig yours; but I explained > > my > > problem with yours earlier this morning - do appreciate the proposal and > > the patch though, really, thanks) It's worth digging into the details of > > each, but if they end up complicating things then perhaps "dropping > > capabilities and going with something new" ought to be another proposal. > > Ok that is about the binding to a person and executable?
It's about at least making it per-process(-tree). > So you think there should be a cap_inheritable mask settable in the caps > of each file. No. I mean, we have that now. I just want to require a privileged process to fill in the pA in the first place. If people are currently using file caps "as intended" I don't want behavior to change for them. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
