Hello.
This is (c) Add new hooks. approach I proposed at
http://www.mail-archive.com/[EMAIL PROTECTED]/msg11536.html .
Although this is an incomplete patch,
I want to know whether you can tolerate this approach or not.
If you cannot tolerate this approach, may be we need to consider
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
Hello,
I'm not sure it is you the right person to contact.
I tried to run latest normal user wireshark with SUID dumpcap without success
under linux-2.6.24.2. After looking around it seems to be related to the file
in the kernel
On Sun, Feb 17, 2008 at 06:00:30PM +0900, Tetsuo Handa wrote:
Hello.
This is (c) Add new hooks. approach I proposed at
http://www.mail-archive.com/[EMAIL PROTECTED]/msg11536.html .
Although this is an incomplete patch,
I want to know whether you can tolerate this approach or not.
If
Hello.
No printable comments, except for that:
(e) why don't you guys move the Linus' Serious Mistake to _callers_ of
vfs_mknod() and its ilk?
Which obviously solves all problems with having vfsmount.
Excuse me. I didn't understand what the Linus' Serious Mistake to
_callers_ of
On Mon, Feb 18, 2008 at 09:03:51AM +0900, Tetsuo Handa wrote:
Hello.
No printable comments, except for that:
(e) why don't you guys move the Linus' Serious Mistake to _callers_ of
vfs_mknod() and its ilk?
Which obviously solves all problems with having vfsmount.
Excuse me. I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Serge E. Hallyn wrote:
| Andrew, this pretty much was bound to happen... we need to figure out
| what our approach here should be. My preference is still to allow
| signals when p-uid==current-uid so long as !SECURE_NOROOT. Then as
| people start
Quoting Andrew G. Morgan ([EMAIL PROTECTED]):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Serge E. Hallyn wrote:
| Andrew, this pretty much was bound to happen... we need to figure out
| what our approach here should be. My preference is still to allow
| signals when p-uid==current-uid
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Serge E. Hallyn wrote:
| Signed-off-by: Serge E. Hallyn [EMAIL PROTECTED]
| ---
| security/commoncap.c |2 +-
| 1 files changed, 1 insertions(+), 1 deletions(-)
|
| diff --git a/security/commoncap.c b/security/commoncap.c
| index
--- Serge E. Hallyn [EMAIL PROTECTED] wrote:
Two quick fixes for you right now (apart from the one you've already
got :) would be
1. give wireshark cap_kill, by doing something like
capset cap_kill=ep /bin/wireshark
2. compile a kernel with
Greg KH wrote:
On Fri, Feb 15, 2008 at 12:38:02PM -0600, Serge E. Hallyn wrote:
This patch enables to export code/name of capabilities supported
on the running kernel.
A newer kernel sometimes adds new capabilities, like CAP_MAC_ADMIN
at 2.6.25. However, we have no interface to
On Mon, Feb 18, 2008 at 04:12:53PM +0900, Kohei KaiGai wrote:
Greg KH wrote:
On Fri, Feb 15, 2008 at 12:38:02PM -0600, Serge E. Hallyn wrote:
This patch enables to export code/name of capabilities supported
on the running kernel.
A newer kernel sometimes adds new
11 matches
Mail list logo