On 2003.11.18 21:02 Paul Davis wrote:
i'm with fernando on this. we are not looking for broad acceptance,
though it would be nice. it would be great if this showed us a
config-time option for the kernel, but i think it's unlikely. more
likely than caps being turned on by default, though.

Wouldn't it, just maybe, be acceptable to the kernel people if capabilities
could be turned on by some parameter on the kernel command line (e.g.
capabilities=on)?
This would make capabilities disabled by default, but gives a way to enable
them that does not require a kernel patch and rebuild...

i don't think they want them even compiled into the kernel. think
about it: the security model they present is very complex, and very
distributed through the entire kernel. i don't think anyone could say
with complete confidence that even if you do not use the cmdline arg
that the presence of capabilities support does not pose a security issue.
by contrast, kjetil's patch has very deterministic and very local
effects, and when it's off, we know it's off.