On Wed, Nov 11, 2009 at 09:52:02AM -0500, Adam Jackson wrote: > On Tue, 2009-11-10 at 18:00 -0500, Dave Jones wrote: > > On Wed, Nov 11, 2009 at 09:56:57AM +1100, James Morris wrote: > > > How might this affect the Fedora kernel? > > > > We set it =y, so it wouldn't affect us if I understand correctly. > > Also, I'm not sure that anything in userspace is actually using > > this feature yet anyway. > > google codesearch to the rescue: > > http://google.com/codesearch?hl=en&sa=N&filter=0&q=prctl.*PR_CAPBSET_DROP afaik, that prctl is available regardless of the option being set. I meant I don't think anything we ship is using the file capabilities, which is a way of marking executable files with the caps they need instead of having them be setuid. (I'm not even sure what tool we would use to set those capabilities, or if we ship it) Dave _______________________________________________ Fedora-kernel-list mailing list Fedora-kernel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-kernel-list
