Re: [PATCH 2/6] file capabilities: remove CONFIG_SECURITY_FILE_CAPABILITIES

["Andrew G. Morgan" <morgan@kernel.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Serge E. Hallyn wrote:
> From: Serge Hallyn <serue@us.ibm.com>
> 
> Remove the option to compile the kernel without file capabilities.  Not
> compiling file capabilities actually makes the kernel less safe, as it
> includes the possibility for a task changing another task's capabilities.
> 
> Some are concerned that userspace tools (and user education) are not
> up to the task of properly configuring file capabilities on a system.
> For those cases, there is now the ability to boot with the no_file_caps
> boot option.  This will prevent file capabilities from being used in
> the capabilities recalculation at exec, but will not change the rest
> of the kernel behavior which used to be switchable using the
> CONFIG_SECURITY_FILE_CAPABILITIES option.
> 
> Signed-off-by: Serge Hallyn <serue@us.ibm.com>

Acked-by: Andrew G. Morgan <morgan@kernel.org>

> ---
>  fs/open.c                  |    8 --
>  include/linux/capability.h |    2 -
>  include/linux/init_task.h  |    4 -
>  kernel/capability.c        |  158 --------------------------------------------
>  security/Kconfig           |    9 ---
>  security/commoncap.c       |   53 ---------------
>  6 files changed, 0 insertions(+), 234 deletions(-)
> 
> diff --git a/fs/open.c b/fs/open.c
> index 07da935..6e1cd6e 100644
[...snip...]

Cheers

Andrew
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFI3bW9+bHCR3gb8jsRAoD6AKCdF8HNGdT8MPqWUBqrf8+BXGEyZwCfZc2T
+/hD1+FB2fTLae+vEbKpWX0=
=NerD
-----END PGP SIGNATURE-----