On 10/24/2011 03:20 PM, Corey Bryant wrote:
On 10/24/2011 03:21 PM, Anthony Liguori wrote:
On 10/24/2011 02:13 PM, Corey Bryant wrote:
Right, it's not desirable, but isn't that the best we can do without
libcap or FS capabilities?
I think the best we can do is not let it run in those cases.
On 10/24/2011 03:21 PM, Anthony Liguori wrote:
On 10/24/2011 02:13 PM, Corey Bryant wrote:
Right, it's not desirable, but isn't that the best we can do without
libcap or FS capabilities?
I think the best we can do is not let it run in those cases. :) I'd
like see if
others in the community ha
On 10/24/2011 02:13 PM, Corey Bryant wrote:
Right, it's not desirable, but isn't that the best we can do without
libcap or FS capabilities?
I think the best we can do is not let it run in those cases. :) I'd like see if
others in the community have an opinion on this though.
IMHO, it should
On 10/24/2011 09:13 AM, Corey Bryant wrote:
On 10/23/2011 09:22 AM, Blue Swirl wrote:
On Fri, Oct 21, 2011 at 15:07, Corey Bryant wrote:
The ideal way to use qemu-bridge-helper is to give it an fscap of using:
setcap cap_net_admin=ep qemu-bridge-helper
Unfortunately, most distros still do n
On 10/24/2011 02:58 PM, Blue Swirl wrote:
On Mon, Oct 24, 2011 at 18:38, Corey Bryant wrote:
On 10/24/2011 01:10 PM, Blue Swirl wrote:
On Mon, Oct 24, 2011 at 14:13, Corey Bryant
wrote:
On 10/23/2011 09:22 AM, Blue Swirl wrote:
On Fri, Oct 21, 2011 at 15:07, Corey Bryant
wrote:
On Mon, Oct 24, 2011 at 18:38, Corey Bryant wrote:
>
>
> On 10/24/2011 01:10 PM, Blue Swirl wrote:
>>
>> On Mon, Oct 24, 2011 at 14:13, Corey Bryant
>> wrote:
>>>
>>>
>>> On 10/23/2011 09:22 AM, Blue Swirl wrote:
On Fri, Oct 21, 2011 at 15:07, Corey Bryant
wrote:
>
> The i
On 10/24/2011 01:10 PM, Blue Swirl wrote:
On Mon, Oct 24, 2011 at 14:13, Corey Bryant wrote:
On 10/23/2011 09:22 AM, Blue Swirl wrote:
On Fri, Oct 21, 2011 at 15:07, Corey Bryant
wrote:
The ideal way to use qemu-bridge-helper is to give it an fscap of using:
setcap cap_net_admin=ep
On Mon, Oct 24, 2011 at 14:13, Corey Bryant wrote:
>
>
> On 10/23/2011 09:22 AM, Blue Swirl wrote:
>>
>> On Fri, Oct 21, 2011 at 15:07, Corey Bryant
>> wrote:
>>>
>>> The ideal way to use qemu-bridge-helper is to give it an fscap of using:
>>>
>>> setcap cap_net_admin=ep qemu-bridge-helper
>>>
>
On 10/23/2011 09:22 AM, Blue Swirl wrote:
On Fri, Oct 21, 2011 at 15:07, Corey Bryant wrote:
The ideal way to use qemu-bridge-helper is to give it an fscap of using:
setcap cap_net_admin=ep qemu-bridge-helper
Unfortunately, most distros still do not have a mechanism to package files
with
On Fri, Oct 21, 2011 at 15:07, Corey Bryant wrote:
> The ideal way to use qemu-bridge-helper is to give it an fscap of using:
>
> setcap cap_net_admin=ep qemu-bridge-helper
>
> Unfortunately, most distros still do not have a mechanism to package files
> with fscaps applied. This means they'll ha
The ideal way to use qemu-bridge-helper is to give it an fscap of using:
setcap cap_net_admin=ep qemu-bridge-helper
Unfortunately, most distros still do not have a mechanism to package files
with fscaps applied. This means they'll have to SUID the qemu-bridge-helper
binary.
To improve security
11 matches
Mail list logo
