Hi, I recenetly found out that the kernel now allows more than 32 capabilities. This means I need to update the audit code that inteprets this value given from SE Linux. When I looked over the 2.6.27 kernel code, I found that SE Linux has not updated the capabilities code. Its still being kept as a simple integer in avc.h, but everywhere else I look in the kernel has moved to kernel_cap_t, which is an array. Are patches for moving to kernel_cap_t scheduled for 2.6.28? Are there security implications for not being able to access or control capabilities > 32? Thanks, -Steve -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
