Capabilities workshop, followup questions
Andrew Morgan
morgan at transmeta.com
Sun Jun 18 17:02:07 GMT 2000
I think my impressions differed from yours(!):
http://www.geocrawler.com/lists/3/SourceForge/4109/0/3905261/
Specifically, I felt:
* that there was little love expressed for global constraints
(secure-level, global bounding sets etc.).
* DS17 were the exec rules we emerged with. I didn't hear anyone pushing
the D16 model.
> Finally, I had a few questions about things we did not resolve. First, in
> the setuid world, modifications to the setuid binary result in removal of
> the setuid bit. Should modifications to a capabilities binary result in
> capabilities being removed? Richard Offer and I discussed issues of
IMHO Yes.
> As I don't have a copy of D16, I can't comment on the rule set
> differences, but it sounded to me like we firmly concluded the D16
> inheritence rules were the way to go. Could someone post the conclusions
> on that?
? I didn't leave with this impression at all.
Cheers
Andrew
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list