Quoting Alexey Dobriyan ([email protected]): > > What Alexey wants, I believe, is for users to be able to not have > > to worry about there being exploitable bugs in restart(2) which > > unprivileged users can play with. And for the usual distro-kernel > > reasons, saying use 'CONFIG_CHECKPOINT=n' is not an option. > > This is correct, yes. If I would be a sysadmin who knows a bit about > kernel internals, I'd never trust restart(2) to get it right.
Now I suppose what we could do is define a new CAP_SYS_RESTART capability and require that. Then the admin to whom I'm trying to cater could simply 'capset cap_sys_restart=pe /bin/restart'. Then all users could use restart without being granted the extra privilege implied by CAP_SYS_ADMIN. -serge _______________________________________________ Containers mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/containers _______________________________________________ Devel mailing list [email protected] https://openvz.org/mailman/listinfo/devel
