Re: [RFC] linux-2.6.10-auditfs-tc1.patch
On Monday 24 January 2005 11:57, Casey Schaufler wrote:
If I have 6 capabilities but only need one
of them to perform an action the process list
does not identify the policy that is being
overridden.
Maybe this is a wording issue. In Linux, you start with capabilities and lose
them. You cannot override.
If I need 2 capabilities but only
have one, the one that I don't have but needed
needs to be pointed out.
I can see this being useful when writing software, but production systems
should have the capabilities set correctly at installation.
The capabilities required to perform an action will not
be sent in concrete. For example, accessing
/a/file may require different capabilities depending on
the mode of /a.
We are talking about posix capabilities, right? They are bound to a process
and enforced on a syscall by the kernel. That *is* cast in concrete unless
you hack the kernel sources.
-Steve