Quoting Andrew Morgan ([EMAIL PROTECTED]):
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Serge E. Hallyn wrote:
> > To summarize more clearly, I think that so long as we support
> > process trees with a sort of !SECURE_NOROOT support, that
> > support should include the ability to use prct
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Serge E. Hallyn wrote:
> To summarize more clearly, I think that so long as we support
> process trees with a sort of !SECURE_NOROOT support, that
> support should include the ability to use prctl(KEEP_CAPS) the
> way one uses it now.
> When a process
Quoting Andrew Morgan ([EMAIL PROTECTED]):
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Attached is what I consider only an RFC patch.
>
> I've not really thought through (to my satisfaction) the re-purposing of
> current->keep_capabilities in the non-filesystem-supporting-capability
> c
Quoting Andrew Morgan ([EMAIL PROTECTED]):
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Attached is what I consider only an RFC patch.
>
> I've not really thought through (to my satisfaction) the re-purposing of
> current->keep_capabilities in the non-filesystem-supporting-capability
> c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Attached is what I consider only an RFC patch.
I've not really thought through (to my satisfaction) the re-purposing of
current->keep_capabilities in the non-filesystem-supporting-capability
configuration, but this is basically the code I'm thinking a
On Mon, Aug 27, 2007 at 10:28:17AM -0500, Serge E. Hallyn wrote:
> Quoting Adrian Bunk ([EMAIL PROTECTED]):
> > On Mon, Aug 27, 2007 at 10:09:42AM -0500, Serge E. Hallyn wrote:
> > > Quoting Adrian Bunk ([EMAIL PROTECTED]):
> > > > On Fri, Aug 24, 2007 at 08:50:10PM -0700, Andrew Morgan wrote:
> >
Quoting Adrian Bunk ([EMAIL PROTECTED]):
> On Mon, Aug 27, 2007 at 10:09:42AM -0500, Serge E. Hallyn wrote:
> > Quoting Adrian Bunk ([EMAIL PROTECTED]):
> > > On Fri, Aug 24, 2007 at 08:50:10PM -0700, Andrew Morgan wrote:
> > > >
> > > > FWIW, in the mm kernel, I've actually already removed them w
On Mon, Aug 27, 2007 at 10:09:42AM -0500, Serge E. Hallyn wrote:
> Quoting Adrian Bunk ([EMAIL PROTECTED]):
> > On Fri, Aug 24, 2007 at 08:50:10PM -0700, Andrew Morgan wrote:
> > >
> > > FWIW, in the mm kernel, I've actually already removed them when one
> > > configures without capabilities.
> >
Quoting Adrian Bunk ([EMAIL PROTECTED]):
> On Fri, Aug 24, 2007 at 08:50:10PM -0700, Andrew Morgan wrote:
> >
> > FWIW, in the mm kernel, I've actually already removed them when one
> > configures without capabilities.
> >
> > http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.23-
On Fri, Aug 24, 2007 at 08:50:10PM -0700, Andrew Morgan wrote:
>
> FWIW, in the mm kernel, I've actually already removed them when one
> configures without capabilities.
>
> http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.23-rc3/2.6.23-rc3-mm1/broken-out/v3-file-capabilities-al
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FWIW, in the mm kernel, I've actually already removed them when one
configures without capabilities.
http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.23-rc3/2.6.23-rc3-mm1/broken-out/v3-file-capabilities-alter-behavior-of-cap_setpcap
Quoting Adrian Bunk ([EMAIL PROTECTED]):
> It seems that since it was added in kernel 2.2.0 (sic) securebits
> was never used.
>
> This patch therefore removes it.
Actually IIUC Andrew Morgan had plans of making securebits per-process,
which would make them far more usable.
Now maybe he'd just
It seems that since it was added in kernel 2.2.0 (sic) securebits
was never used.
This patch therefore removes it.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
include/linux/sched.h |1 -
include/linux/securebits.h | 30 --
kernel/capability.c
13 matches
Mail list logo
