--- Chris Wright <[EMAIL PROTECTED]> wrote: > * Serge E. Hallyn ([EMAIL PROTECTED]) wrote: > > Here is a new version of the 64-bit capability patches I was supposed > > to send last week I think. > > > > This patch could stand alone without the 64-bit caps, but should > > definately not be applied anywhere until it has been better > > reviewed. It is the alternative to the patch removing the > > capability type checking code. > > How likely is > 64?
If the Granularity Gremlins get loose the answer is 100%. DG/UX ended up with over 330. Fortunately the GGs have a playpen already in SELinux. I suggest that the capabilities maintainer be very stingy and refer anyone who's need isn't pretty obvious there. This means that the folks who want to divide CAP_SYSADMIN are going to be disappointed with what they get, but some level of restraint is important. Casey Schaufler [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html