Quoting Andy Lutomirski (luto@xxxxxxxxxxxxxx): > On Apr 24, 2015 2:15 PM, "Serge E. Hallyn" <serge@xxxxxxxxxx> wrote: > > > > On Fri, Apr 24, 2015 at 01:18:44PM -0700, Andy Lutomirski wrote: > > > On Fri, Apr 24, 2015 at 1:13 PM, Christoph Lameter <cl@xxxxxxxxx> wrote: > > > > On Fri, 24 Apr 2015, Andy Lutomirski wrote: > > > > > > > >> That's sort of what my patch does -- you need CAP_SETPCAP to switch > > > >> the securebit. > > > >> > > > >> But Christoph's patch required it to add caps to the ambient set, right? > > > > > > > > Yes but you seem to be just adding one additional step without too much of > > > > a benefit because you still need CAP_SETPCAP. > > > > > > > > > > No, because I set the default to on :) > > > > Right - I definately prefer > > > > . default off > > . CAP_SETPCAP required to turn it on (for self and children) > > . once on, anyone can copy bits from (whatever we decided) to pA. > > > > Why default off? If there's some weird reason that switching it on > could cause a security problem, then I'd agree, but I haven't spotted > a reason yet. Cause it's less scary? I'll just wait for the new patchset :) -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
