Gentoo Archives: gentoo-user

From:	Jonathan <winelauncher.jonathan@××××××××××.com>
To:	gentoo-user@l.g.o
Cc:	dwnoon@××××××××.com
Subject:	Re: [gentoo-user] How many ways are there for a user to increase their permissions?
Date:	Sat, 17 Apr 2010 21:33:56
Message-Id:	`20100417223206.51065b4a@box`
In Reply to:	Re: [gentoo-user] How many ways are there for a user to increase their permissions? by David W Noon

1	On Sat, 17 Apr 2010 21:45:57 +0100
2	David W Noon <dwnoon@××××××××.com> wrote:
3
4	> In fact, POSIX capabilities are a mechanism to reduce a program's
5	> permissions, not increase them.
6
7	It's true that Linux "capabilities" are used to replace SUID and that does reduce the programs permissions.
8	On the other hand programs like Wine. Which no one would never run with SUID could be run with CAP_NET_RAW.
9	That would be a increase in permissions. Wine needs to be able to ping because some program need to use IPX[1],
10	Like Red Alert 2. Someone has made a patch for Red Alert 2 to use TCP/IP and I can not think of another program off the top of my head.
11
12	That information came from "man 7 capabilities". So I guess it's all about how you look at it.
13
14	[1] http://en.wikipedia.org/wiki/Internetwork_Packet_Exchange

Subject	Author
Re: [gentoo-user] How many ways are there for a user to increase their permissions?	KH <gentoo-user@××××××××××××××××.de>