Are capabilities worthwhile?

From: Bob Smith <bsmith@xxxxxxxxxxxxx>
Date: Tue, 26 Sep 2006 09:15:49 GMT

I was under the impression that capabilities
were a good idea and should be user when
possible. (In my case, on an appliance.)

An article at Linux Weekly News makes me
doubt my assumption about capabilities:
http://lwn.net/Articles/198557/

What do you think?
Can they really help security?
Or are they critically flawed?

thanks in advance
Bob
.

Follow-Ups:
- Re: Are capabilities worthwhile?
  - From: Bob Smith
- Re: Are capabilities worthwhile?
  - From: Ertugrul Soeylemez

Prev by Date: Proposed laws breaching privacy and security
Next by Date: Re: [sshd] send a mail when a event login occur ?
Previous by thread: Proposed laws breaching privacy and security
Next by thread: Re: Are capabilities worthwhile?
Index(es):
- Date
- Thread

Relevant Pages

Re: Are capabilities worthwhile?
... An article at Linux Weekly News makes me ... My approach has been to have the daemons started ... in rc.sysinit drop capabilities as part of their ... My hope had been that once the appliance was ...
(comp.os.linux.security)
Re: Marine Corp EFV (Expeditionary Fighting Vehicle)
... Arved has this impression that he knows what I think, ... the door' on a hostile beach, figure out what capabilities it takes to ... and then acquire those capabilities. ... -- Buffy, the Vampire Slayer ...
(sci.military.naval)
Re: Are capabilities worthwhile?
... An article at Linux Weekly News makes me doubt my assumption about ... That's a matter of view. ... Sure, assuming the capabilities implementation ... they could enhance security a bit. ...
(comp.os.linux.security)