On Wed, Oct 29, 2008 at 12:53:16PM -0400, Colin Walters wrote:
On Wed, Oct 29, 2008 at 6:37 AM, Panu Matilainen
<pmatilai@xxxxxxxxxxxxxxx> wrote:
Hate to interrupt the tty1 vs tty7 debate but...
We have kernel support for storing capabilities on filesystem since 2.6.24
and recent libcap, both in F9 already. I just committed file capability
support to rpm.org HEAD, filling in the final(?) missing piece. Capability
support is not going to be in rpm 4.6.0 but no reason they can't be pulled
into 4.6.1 which is easily in F11 timeframe.
Are we ready to start considering moving away from SUID bits to
capabilities, in Fedora 11 maybe?
Note that from the desktop direction we've been moving the OS away
from exec-based domain transitions to message passing (e.g. PolicyKit)
for a variety of reasons.
Colin,
Could you please suggest some links to your favorite writeups of those
reasons? Also, do you have data on what effect (if any) this trend has
on steady-state system memory consumption?
Thanks,
Michael
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
