Quoting Andrew G. Morgan ([EMAIL PROTECTED]):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
| Quoting Andrew G. Morgan ([EMAIL PROTECTED]):
| Here is my latest per-process secure-bits patch.
|
| Hey Andrew,
|
| looks really good. Two comments inline.
Thanks
Hi David-
On Jan 29, 2008, at 10:25 PM, David Howells wrote:
Chuck Lever [EMAIL PROTECTED] wrote:
This patch really ought to be broken into more manageable atomic
changes to make it easier to review, and to provide more fine-grained
explanation and rationalization for each specific change via
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Here is the patch adding per-process secure-bits. This patch was
generated over 2.6.24-rc8-mm1 + my privilege escalation bugfix.
Cheers
Andrew
Ref: 6a63d67f37e50dd2031b3a050ebac1e64eae916e
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6
On Wed, 30 Jan 2008 23:02:30 -0800 Andrew G. Morgan [EMAIL PROTECTED] wrote:
With filesystem capabilities it is now possible to do away with
(set)uid-0 based privilege and use capabilities instead.
Historically, this was first attempted with a kernel-global set of
securebits. That