GNU bug report logs - #61462
Add support for file capabilities(7)

Previous Next

Package: guix-patches;

Reported by: Tobias Geerinckx-Rice <me <at> tobias.gr>

Date: Sun, 12 Feb 2023 20:46:01 UTC

Severity: normal

Tags: patch

Done: Tobias Geerinckx-Rice <me <at> tobias.gr>

Bug is archived. No further changes may be made.

Full log

Message #58 received at 61462 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Vagrant Cascadian <vagrant <at> debian.org>
Cc: Tobias Geerinckx-Rice <me <at> tobias.gr>, 61462 <at> debbugs.gnu.org
Subject: Re: bug#61462: Add support for file capabilities(7)
Date: Thu, 20 Apr 2023 12:33:27 +0200

Hi,

Vagrant Cascadian <vagrant <at> debian.org> skribis:

> At least the case I am most familiar with, lcsync, it really should not
> run as setuid-root, as that effectively allows anyone to modify or copy
> any file as root. Although, likely Hurd limits the impacts of setuid
> root in ways I do not understand?

There are many more things that can be done on the Hurd without being
root.  So I don’t know, maybe we can ignore the issue for now and simply
make sure that the defaults work for the Hurd.

> Even then, I still think if you ask for something in your guix system
> configuration, and it cannot deliver what you asked for, it should not
> give you something else as an approximation of what you wanted.

Yeah, you’re right that an approximation could be risky…

Thanks,
Ludo’.
This bug report was last modified 305 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.