Once upon a time, Jon Masters <jonathan@xxxxxxxxxxxxxx> said: > Personally I think switching to fully POSIX file caps is a wonderful > idea for sometime around 2010 or a bit later, but it's not practical for > regular system utilities that might be sitting on older filesystems to > do this today. Root NFS will break, many custom spins, just a lot of > stuff is going to be very unhappy if we start doing this. Would it be possible to implement capabilities in a backwards compatible fashion? For example, still have e.g. /bin/ping setuid-root, but also have capabilities assigned, and have the capabilities override setuid-root (if capabilities are assigned the setuid/setgid bits are ignored). If you are running from a filesystem where capabilities are not supported (or are not passed from server to client as in the case of NFS), you'd just get the "old-fashioned" setuid/setgid effect and things would still work. If you _do_ see the capabilities, you ignore the setuid/setgid flags and only assign the requested capabilities and get the benefits of fine-grained security. -- Chris Adams <cmadams@xxxxxxxxxx> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
