On Wed, 2013-02-13 at 09:20 -0800, H. Peter Anvin wrote:
> Problem:
>
> Someone adds SYS_CAP_RAWIO to some places it definitely does not
> belong.
>
> Solution:
>
> Break all the *appropriate* (as defined) uses of SYS_CAP_RAWIO?

Problem:

CAP_SYS_RAWIO has been used in a bunch of arguably inappropriate places.
Removing CAP_SYS_RAWIO from the set of possible capabilities on a system
will prevent userspace from doing things that userspace should be
permitted to do. Removing CAP_SYS_RAWIO from the places that it
currently exists will allow userspace to do too much. Replacing
CAP_SYS_RAWIO with CAP_SYS_ADMIN will prevent userspace from doing
things that it can currently do.

Solution:

Admit that CAP_SYS_RAWIO is fucked up beyond rescue. Add a new
capability with well-defined semantics.