[Linux-privs-discuss] Re: Capabilities/privileges and bounding sets

[Linda Walsh]

What will the file system defaults be if no bounding set is
present?  Have you given any thought about a per-mount default 
set f(PIE) in addition to the bounding vector?
--
Linda A Walsh                    | Trust Technology, Core Linux, SGI
law at sgi.com                      | Voice: (650) 933-5338                        
> For bounding sets, I'm using the 'X' in DS17 implemented as:
> 
>        X = fB & (~pB)
> 
> fB is a per-filesystem-mount bound, ~pB is a per process bound: pB' =
> pB. [I'm trying to use your notation for pB - namely the '~' of the
> mask. Although elsewhere I'm likely to use another notation.]

To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message