Quoting Suparna Bhattacharya ([EMAIL PROTECTED]):
On Thu, May 10, 2007 at 01:01:27PM -0700, Andreas Dilger wrote:
On May 08, 2007 16:49 -0500, Serge E. Hallyn wrote:
Quoting Andreas Dilger ([EMAIL PROTECTED]):
One of the important use cases I can see today is the ability to
split
On Thu, May 10, 2007 at 01:01:27PM -0700, Andreas Dilger wrote:
On May 08, 2007 16:49 -0500, Serge E. Hallyn wrote:
Quoting Andreas Dilger ([EMAIL PROTECTED]):
One of the important use cases I can see today is the ability to
split the heavily-overloaded e.g. CAP_SYS_ADMIN into much more
On May 08, 2007 16:49 -0500, Serge E. Hallyn wrote:
Quoting Andreas Dilger ([EMAIL PROTECTED]):
One of the important use cases I can see today is the ability to
split the heavily-overloaded e.g. CAP_SYS_ADMIN into much more fine
grained attributes.
Sounds plausible, though it suffers
On May 08, 2007 14:17 -0500, Serge E. Hallyn wrote:
As the capability set changes and distributions start tagging
binaries with capabilities, we would like for running an older
kernel to not necessarily make those binaries unusable.
(0. Enable the CONFIG_SECURITY_FS_CAPABILITIES
Quoting Andreas Dilger ([EMAIL PROTECTED]):
On May 08, 2007 14:17 -0500, Serge E. Hallyn wrote:
As the capability set changes and distributions start tagging
binaries with capabilities, we would like for running an older
kernel to not necessarily make those binaries unusable.
(0.