Frank Barknecht <[EMAIL PROTECTED]> writes: > Isn't the capabilities patch considered as a security risk by the > kernel folks? I never understood, why, tough. At least a > configure-option would be nice.
Yes, it is. I don't know why either, but I believe it has something to do with CAP_SETPCAP, which permits a process to set the privileges of another process. IIUC, this can make matters worse if an intruder has already managed to subvert some system daemon by other means (buffer overflow, etc.). -- joq ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Alsa-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/alsa-user
