[linux-audio-dev] Re: linux-audio-dev Digest, Vol 2, Issue 24
Melanie
melanie at t-data.com
Tue Nov 18 23:28:37 UTC 2003
On 2003.11.19 00:00 Paul Davis wrote:
> i don't think they want them even compiled into the kernel. think
> about it: the security model they present is very complex, and very
> distributed through the entire kernel. i don't think anyone could say
> with complete confidence that even if you do not use the cmdline arg
> that the presence of capabilities support does not pose a security issue.
Well, capabilities are _always_ compiled into the kernel. The only thing
changed to enable them are two static data values, specifically the ones
used to start init with. This happens in one place and one place only.
Instead of #defines, these could be globals. Of course they would need to
be set before init is run, so a kernel command line parameter is the only
place it can be done easily.
Nothing changes throughout the kernel but these two data values...
Melanie
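Added example, not part of Melanie's message or of any kernel source: one way to see from user space which capability sets a process such as init is running with, by decoding the CapInh/CapEff masks in /proc/<pid>/status. It assumes the two values she refers to are init's initial inheritable and effective sets; the status text, helper names and mask values below are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CAP_SETPCAP 8 /* bit number from <linux/capability.h> */

/* Constructed sample in /proc/<pid>/status format (not taken from the post). */
static const char SAMPLE_STATUS[] =
    "Name:\tinit\nPid:\t1\n"
    "CapInh:\t0000000000000000\n"
    "CapPrm:\t00000000fffffeff\n"
    "CapEff:\t00000000fffffeff\n";

/* Parse the hex mask of "<field>:" found at the start of a line.
 * Returns 0 on success, -1 if the field is missing or has no hex value. */
int cap_field(const char *status, const char *field, unsigned long long *mask)
{
    size_t n = strlen(field);
    const char *p = status;
    while (*p) {
        if (strncmp(p, field, n) == 0 && p[n] == ':') {
            const char *v = p + n + 1;
            while (*v == ' ' || *v == '\t') v++;      /* stay on this line */
            if (!isxdigit((unsigned char)*v)) return -1;
            *mask = strtoull(v, NULL, 16);
            return 0;
        }
        if (!(p = strchr(p, '\n'))) break;            /* advance to next line */
        p++;
    }
    return -1;
}

/* 1 if capability bit `cap` is set in `mask`, else 0. */
int cap_has(unsigned long long mask, int cap) { return (int)((mask >> cap) & 1ULL); }

int main(void)
{
    const char *fields[] = { "CapInh", "CapEff" };
    for (int i = 0; i < 2; i++) {
        unsigned long long m;
        if (cap_field(SAMPLE_STATUS, fields[i], &m) == 0)
            printf("%s %016llx CAP_SETPCAP=%d\n", fields[i], m, cap_has(m, CAP_SETPCAP));
    }
    return 0;
}
```

To check a live system, pass the contents of /proc/1/status to cap_field() in place of the constructed sample.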