-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Serge and I have been discussing this test offline (there is a
get_cap_text() libcap change that I'm investigating that he wants to be
able to make the test more resilient in the face of newly added
capabilities). Since Serge is also reviewing these changes, I'm sure
he'll have something to say about enhancements to the test...

Cheers

Andrew

Subrata Modak wrote:
| Hi Andrew,
|
| Do you feel that the corresponding filecaps test in LTP needs to be
| reviewed against the changes in Kernel filecaps. Do you remember that
| Sergei wrote this test case and you gave the review comments, after
| which we included the same inside LTP:
|
| http://ltp.cvs.sourceforge.net/ltp/ltp/testcases/kernel/security/filecaps/
|
| Regards--
| Subrata
|
| On Thu, Jun 26, 2008 at 2:16 PM, Andrew G. Morgan <[EMAIL PROTECTED]
| <mailto:[EMAIL PROTECTED]>> wrote:
|
| Andrew,
|
| Configuring filesystem capabilities is still tagged experimental, and
| the effect of the "security fix" part of this change is conditional on
| filesystem capabilities being configured. This late in the rc cycle, I'm
| not convinced that the risk of this bugfix isn't greater than the
| benefit.
|
| If you disagree, there is another "security" problem with filesystem
| capabilities and strace, and I've been exploring the fix. This is also
| the last fix I think we need before we can remove the experimental
| attribute on filesystem capabilities.
|
| As such, I'll follow this up with four patches. The first two are
| bugfixes (affecting kernels configured with filesystem support); the
| third is the refactoring; and the fourth removes the experimental tag on
| filesystem capability support.
|
| Cheers
|
| Andrew
|
| Andrew Morton wrote:
| | On Fri, 20 Jun 2008 08:38:19 -0700
| | "Andrew G. Morgan" <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>
| wrote:
| |
| |> From 8a2bffcb5363295ea43ef42c84c121a8e8c7ffa0 Mon Sep 17 00:00:00
| 2001
| |> From: Andrew G. Morgan <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>
| |> Date: Fri, 20 Jun 2008 08:16:06 -0700
| |> Subject: [PATCH] Refactor filesystem capability support in main
| kernel.
| |>
| [...]
| | This is one helluva large (security!) patch for so late in -rc.
| |
| | Could we please split out the bugfix for 2.6.26 (is it needed in
| 2.6.25
| | too?) and hold the refactoring back for 2.6.27?
- --
To unsubscribe from this list: send the line "unsubscribe
linux-kernel" in
the body of a message to [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

| --
| Regards & Thanks--
| Subrata
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIY7lm+bHCR3gb8jsRAuIuAJ9zKdeeU8cseqeZzGkB08rLBASwDgCfYcBv
Bctu3WqkB/FryaB4lRJZLe8=
=Zuc8
-----END PGP SIGNATURE-----

-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

Reply via email to