| 1 |
On Mon, 1 Aug 2011 01:16:21 +0530 |
| 2 |
Nirbheek Chauhan <nirbheek@g.o> wrote: |
| 3 |
|
| 4 |
> On Sun, Jul 31, 2011 at 8:13 PM, Anthony G. Basile |
| 5 |
> <blueness@g.o> wrote: |
| 6 |
> > Hi everyone, |
| 7 |
> > |
| 8 |
> > A couple of days ago, bonsaikitten (Patrick), kerframil (Kerin |
| 9 |
> > Millar) and myself were talking about other distros moving away |
| 10 |
> > from setuid binaries towards caps. Openwall and Fedora are now |
| 11 |
> > setuid-less [1]. Some googling showed that Constanze has done quite |
| 12 |
> > a bit of work in the area and that there was a consensus to include |
| 13 |
> > functions to set caps within portage [2]. I don't know what, if |
| 14 |
> > anything has been done since then, but I'd like to lend my support. |
| 15 |
> > |
| 16 |
> |
| 17 |
> One problem that came up was that a lot of people use tmpfs for |
| 18 |
> /var/tmp/portage, and tmpfs doesn't support xattrs which are needed |
| 19 |
> for setting caps. |
| 20 |
|
| 21 |
Will packages always explicitly set caps themselves or will sometimes |
| 22 |
upstream do that for us? |
| 23 |
|
| 24 |
IOW, will we have total control over actual caps? |
| 25 |
|
| 26 |
-- |
| 27 |
Best regards, |
| 28 |
Michał Górny |
Archives