[PATCH] 2.6.13: Filesystem capabilities 0.16
Olaf Dietsche
privileged executables without the need for suid root.
Changes:
- updated to 2.6.13
This patch is available at:
<http://www.olafdietsche.de/linux/capability/>
Regards, Olaf.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majo...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Nix
> This patch implements filesystem capabilities. It allows to run
> privileged executables without the need for suid root.
Is there some reason why this doesn't keep its capability data in
xattrs?
--
`... published last year in a limited edition... In one of the
great tragedies of publishing, it was not a limited enough edition
and so I have read it.' --- James Nicoll
se...@us.ibm.com
Nicholas Hans Simmonds, who posted his xattr-based fscaps
patch in july (first posting july 2)?
thanks,
-serge
Olaf Dietsche
> On 1 Sep 2005, Olaf Dietsche murmured woefully:
>> This patch implements filesystem capabilities. It allows to run
>> privileged executables without the need for suid root.
>
> Is there some reason why this doesn't keep its capability data in
> xattrs?
When I started fscaps, xattr were new to me and I didn't understand
how to use them. So, I went and made a small and independent patch.
If you're interested in an xattr based approach, you may look at
<http://www.kernel.org/pub/linux/libs/security/linux-privs/>, which is
very old or at <http://www.stanford.edu/~luto/linux-fscap/>, which is
a more recent implementation.
As serge pointed out, there's a third from Nicholas Hans Simmonds.
Regards, Olaf.
Olaf Dietsche
> Or, has there been any communication between yourself and
> Nicholas Hans Simmonds, who posted his xattr-based fscaps
> patch in july (first posting july 2)?
Short answer: no. I'm just keeping this patch up to date for myself
and those interested (if any ;-).
Regards, Olaf.