Package: lcap Version: 0.0.6-3 Severity: important Hi,
Removing capabilities with lcap on a 2.6.11 kernel without capability.ko module loaded does not produce any warning or error. In fact, it erroneously indicates that the capability was successfully removed, creating a false impression of security. Another oddity (possibly related) occurs when capability.ko is loaded and CAP_SYS_MODULE is then removed (again, on 2.6.11). In that case _all_ the capabilities are removed, contrary to the expectation. Removing other capabilities appears to work as expected. Best regards, Jurij Smakov [EMAIL PROTECTED] Key: http://www.wooyd.org/pgpkey/ KeyID: C99E03CC -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (101, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11-1-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages lcap depends on: ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
