--- Jan Engelhardt <[EMAIL PROTECTED]> wrote: > > On Dec 26 2007 16:29, Andrew Morgan wrote: > >> > >> I'm assuming it's unintended - or rather it's harmless but has no use - > >> but will let Andrew respond since he may have some cool idea i haven't > >> thought of. > > > >This is not intended behavior. It should be fixed (aka such support > >removed). Capabilities should only be available on executable files - > >not directories, symlinks or anything else... > > > What about defining Windows-style access control, e.g. splitting up > the +w bit into "append (create new files)" and "delete files"?
Please, no. POSIX capabilities are only meaningfull on files. They are are and should be ignored on any other sort of object. The simple name/value pair model of xattrs could get uglified by working too hard at making sure that only good names get on objects. If you want to use an attribute to differentiate between append and delete files, pick a different name and implement an LSM to enforce it. Thank you. Casey Schaufler [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html