LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for June 20, 2013

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fixing CAP_SETPCAP

Fixing CAP_SETPCAP

Posted Nov 4, 2007 4:10 UTC (Sun) by nlucas (subscriber, #33793)
In reply to: Fixing CAP_SETPCAP by giraffedata
Parent article: Fixing CAP_SETPCAP 

The general use of CAP_SYS_ADMIN all around the kernel is what makes me doubt of any new
capability system extensions to what exists now.

I'm no security expert, but can't understand how they can overcame that without a major
overhaul all around the kernel code.

I see this new features as nice things to help secure a system, but this all seem just more
"hacks" around the fact there isn't any "grand scheme" for security well thought (I mean, in a
modern way, because we all know traditional UNIX security way is just obsolete).

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds