|To:||"Serge E. Hallyn" <serue-AT-us.ibm.com>|
|Subject:||Re: [PATCH] add some long-missing capabilities to fs_mask|
|Date:||Mon, 13 Apr 2009 17:03:28 -0400|
|Cc:||Linus Torvalds <torvalds-AT-linux-foundation.org>, mtk.manpages-AT-gmail.com, Stephen Smalley <sds-AT-epoch.ncsc.mil>, Andrew Morgan <morgan-AT-kernel.org>, linux-security-module-AT-vger.kernel.org, lkml <linux-kernel-AT-vger.kernel.org>, linux-nfs-AT-vger.kernel.org, Igor Zhbanov <izh1979-AT-gmail.com>, "J. Bruce Fields" <bfields-AT-citi.umich.edu>, stable-AT-kernel.org, linux-api-AT-vger.kernel.org, Chris Wright <chrisw-AT-sous-sol.org>|
On Mon, 13 Apr 2009 09:56:14 CDT, "Serge E. Hallyn" said: > When POSIX capabilities were introduced during the 2.1 Linux > cycle, the fs mask, which represents the capabilities which having > fsuid==0 is supposed to grant, did not include CAP_MKNOD and > CAP_LINUX_IMMUTABLE. However, before capabilities the privilege > to call these did in fact depend upon fsuid==0. Wow. How did this manage to stay un-noticed for this long?
Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds