Hi, I am running a 2.5.69 kernel built with CONFIG_SECURITY = Y and CONFIG_SECURITY_CAPABILITIES = M. I tried to use the capset() system call to modify the capabiities of a task. But capset always returns with -EPERM. After browsing the code a little, I found why capset() is failing. All tasks created after the capability module is loaded have CAP_SETPCAP unset in their effective and permitted capability masks. This makes capset useless. Is masking CAP_SETPCAP intentional or is it a bug? If it is intentional, is there an alternate way to change capabilities? Thanks, Ravi. PS: I am not subscribed to the list. Please CC me on the replies. __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Jul 02 2003 - 11:14:00 PDT