public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
From: Rob Landley <rob@landley.net>
To: Andy Lutomirski <luto@amacapital.net>
Cc: Serge Hallyn <serge.hallyn@canonical.com>,
	James Morris <james.l.morris@oracle.com>,
	linux-security-module@vger.kernel.org,
	Casey Schaufler <casey@schaufler-ca.com>,
	linux-kernel@vger.kernel.org, Eric Paris <eparis@redhat.com>,
	"Andrew G. Morgan" <morgan@kernel.org>,
	mtk.manpages@gmail.com
Subject: Re: [PATCH] Document how capability bits work
Date: Fri, 07 Dec 2012 19:10:04 -0600	[thread overview]
Message-ID: <1354929004.20497.4@driftwood> (raw)
In-Reply-To: <CALCETrUZyD=Z6bQ3vZC8_9giv67-BuZGm2PgshM0E5hUDe6=bQ@mail.gmail.com> (from luto@amacapital.net on Fri Dec  7 13:32:18 2012)

On 12/07/2012 01:32:18 PM, Andy Lutomirski wrote:
> On Fri, Dec 7, 2012 at 11:21 AM, Serge Hallyn
> <serge.hallyn@canonical.com> wrote:
> > Quoting Andy Lutomirski (luto@amacapital.net):
> >> Signed-off-by: Andy Lutomirski <luto@amacapital.net>
> >> ---
> >>  Documentation/security/capabilities.txt | 161  
> ++++++++++++++++++++++++++++++++
> >>  1 file changed, 161 insertions(+)
> >>  create mode 100644 Documentation/security/capabilities.txt
> >
> > TBH, I think a pointer to the capabilities.7 man page would be  
> better.
> > (plus, if you feel they are needed, updates to the man page)
> 
> Updating capabilities.7 wouldn't be a bad idea, but IMO it certainly
> needs work.  For example, it says:
...
> I would be happy to revise this patch to reference capabilities.7.

The capabilities.7 man page is existing maintained documentation on how  
to use this from userspace, which seems to be the point of your  
document. Having include/linux/uapi/capability.h mention its existence  
might be good. Feeding fixes to the documentation we've already got  
would be good.

I read your document having largely ignored capabilities for years, and  
don't feel I have a better understanding of them after reading it. (I'm  
aware they exist, I'm aware they're used as a justification for  
extended attributes, I'm aware people think breaking a fireplace into a  
bunch of candleflames increases fire safety. I'm aware of  
http://forums.grsecurity.net/viewtopic.php?f=7&t=2522 and I _used_ to  
be aware of  
http://userweb.kernel.org/~morgan/sendmail-capabilities-war-story.html  
but kernel.org never bothered putting most of itself back together  
after the breakin last year and archive.org doesn't have a copy. I'm  
aware that a decade ago at Atlanta Linux Showcase in california Ted Tso  
was sad nobody was using them yet. But I haven't hugely been tracking  
changes over the last 5 years in how they work. It looks like figuring  
out who has what involves working through exercises in set theory that  
cannot be explained using a 127 bit ascii set. Personally, I prefer  
"more dangerous" security setups that don't require I pull out scratch  
paper to reason about the state of the system, so perhaps I'm biased  
here.)

Rob

  reply	other threads:[~2012-12-08  1:10 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-12-07 18:20 [PATCH] Document how capability bits work Andy Lutomirski
2012-12-07 19:21 ` Serge Hallyn
2012-12-07 19:32   ` Andy Lutomirski
2012-12-08  1:10     ` Rob Landley [this message]
2012-12-08  1:27       ` Andy Lutomirski
2012-12-08  9:51         ` Rob Landley
2012-12-10  5:57           ` Serge Hallyn
2012-12-09  9:54         ` Michael Kerrisk (man-pages)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1354929004.20497.4@driftwood \
    --to=rob@landley.net \
    --cc=casey@schaufler-ca.com \
    --cc=eparis@redhat.com \
    --cc=james.l.morris@oracle.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=luto@amacapital.net \
    --cc=morgan@kernel.org \
    --cc=mtk.manpages@gmail.com \
    --cc=serge.hallyn@canonical.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox