Home » Mailing list archives » linux-kernel » 2007 » October » 22

Re: Potential regression in -git15: can't resume stopped root shell?

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Theodore Tso
Subject: Re: Potential regression in -git15: can't resume stopped root shell?
Date: Sunday, October 21, 2007 - 5:58 pm

On Sat, Oct 20, 2007 at 02:58:06PM -0400, Theodore Tso wrote:

OK, I bisected, and it turns out to be a bug, but not a regression.
Turns out the responsible commit is:

commit b53767719b6cd8789392ea3e7e2eb7b8906898f0
Author: Serge E. Hallyn <serue@us.ibm.com>
Date:   Tue Oct 16 23:31:36 2007 -0700

    Implement file posix capabilities
    
    Implement file posix capabilities.  This allows programs to be given a
    subset of root's powers regardless of who runs them, without having to use
    setuid and giving the binary all of root's powers.....

Once I turned this up, I turned went back to -git15, and turned off
CONFIG_SECURITY_FILE_CAPABILITIES, and the problem went away.  Oh,
well, I had wanted to try out file capabilities, which is why I had
turned the option on, but being able to resume suspended root shells
is more important.  :-)

Serge, can you take a look at this, please?  Thanks!!

						- Ted
-
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
Potential regression in -git15: can't resume stopped root ..., Theodore Tso, (Sat Oct 20, 11:58 am)
Re: Potential regression in -git15: can't resume stopped r ..., Theodore Tso, (Sun Oct 21, 5:58 pm)