tags 457146 fixed-upstream thanks Hello Rafael,
I'll kibbitz a little from upstream here. You are reporting this bug against a very old release -- I believe current Debian is on something like 2.6x. This bug was fixed in upstream 2.40. Cheers, Michael Rafael C. de Almeida wrote: > Package: manpages > Version: 2.39-1 > Severity: normal > Tags: patch > > The capabilities(7) manpage states: > > A full implementation of capabilities requires: > > 2. that the kernel provide system calls allowing a thread’s > capability sets to be changed and retrieved. > > 3. file system support for attaching capabilities to an > executable file, so that a process gains those capabilities when the > file is execed. > > Clearly an item is missing. The missing item is: > 1. that for all privileged operations, the kernel check whether the > process has the required capability in its effective set. > > > -- System Information: > Debian Release: 4.0 > APT prefers stable > APT policy: (500, 'stable') > Architecture: i386 (i686) > Shell: /bin/sh linked to /bin/bash > Kernel: Linux 2.6.18-5-686 > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > > -- no debconf information > > > ------------------------------------------------------------------------ > > --- man-pages-2.39/man7/capabilities.7 2006-08-03 10:58:08.000000000 > -0300 > +++ man-pages-2.39-new/man7/capabilities.7 2007-12-20 03:01:07.000000000 > -0200 > @@ -379,7 +379,10 @@ > kernel version 2.2.11. > .SS Current and Future Implementation > A full implementation of capabilities requires: > - > +.IP 1. 4 > +that for all privileged operations, > +the kernel check whether the thread has the required > +capability in its effective set. > .IP 2. 4 > that the kernel provide > system calls allowing a thread's capability sets to -- Michael Kerrisk Maintainer of the Linux man-pages project http://www.kernel.org/doc/man-pages/ Want to report a man-pages bug? Look here: http://www.kernel.org/doc/man-pages/reporting_bugs.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
