1 |
On 3/23/08, Ciaran McCreesh <ciaran.mccreesh@××××××××××.com> wrote: |
2 |
> On Sun, 23 Mar 2008 20:21:29 +0200 |
3 |
> "Alon Bar-Lev" <alonbl@g.o> wrote: |
4 |
> > linux-2.6.24 supports file based capabilities via: |
5 |
> > CONFIG_SECURITY_FILE_CAPABILITIES |
6 |
> > |
7 |
> |
8 |
> > This will provide more secured installation for users with a little |
9 |
> > effort, less usage of root user. |
10 |
> > |
11 |
> > What do you think? |
12 |
> |
13 |
> |
14 |
> Needs package manager support. Effectively this requires an EAPI bump, |
15 |
> since ebuilds need to know whether they can rely upon caps being |
16 |
> preserved across a merge or whether they have to degrade to a setuid |
17 |
> bit. |
18 |
|
19 |
Why? A simple USE flag should be enough, if set use caps, if not use current. |
20 |
|
21 |
Alon. |
22 |
-- |
23 |
gentoo-dev@l.g.o mailing list |