Date: Mon, 25 Aug 2008 09:03:49 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 148363 for review Message-ID: <200808250903.m7P93nLI080458@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=148363 Change 148363 by rwatson@rwatson_freebsd_capabilities on 2008/08/25 09:03:33 Remove a todo item to add a privilege to escape from capability mode: that's not desired. Affected files ... .. //depot/projects/trustedbsd/capabilities/TODO#8 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/TODO#8 (text+ko) ==== @@ -38,8 +38,6 @@ diverse set of rights. Should we do something more fine-grained and request a specific capability based on arguments and other context? -- Should there be a priv(9) privilege to expand capability rights? (no) - - Refine access control on sysctl infrastructure sysctls, such as name lookup, etc.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200808250903.m7P93nLI080458>