On Dec 26 2007 16:29, Andrew Morgan wrote:
>>
>> I'm assuming it's unintended - or rather it's harmless but has no use -
>> but will let Andrew respond since he may have some cool idea i haven't
>> thought of.
>
>This is not intended behavior. It should be fixed (aka such support
>removed). Capabilities should only be available on executable files -
>not directories, symlinks or anything else...
>
What about defining Windows-style access control, e.g. splitting up
the +w bit into "append (create new files)" and "delete files"?
-
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
