Feature changed by: Pascal Bleser (pbleser) Feature #307254, revision 4 Title: Use POSIX capabilities instead of suid openSUSE-11.3: Unconfirmed Priority - Requester: Desirable + Requester: Neutral Requested by: Pascal Bleser (pbleser) Description: Use POSIX file capabilities instead of suid processes and running e.g. Apache as root: * http://www.nuxified.org/blog/dear-distributors (http://www.nuxified.org/blog/dear-distributors) * http://www.friedhoff.org/posixfilecaps.html (http://www.friedhoff.org/posixfilecaps.html) * https://www.redhat.com/archives/fedora-devel-list/2009-July/msg01568.html (https://www.redhat.com/archives/fedora-devel-list/2009-July/msg01568.html) Discussion: #1: Jan Engelhardt (jengelh) (2009-08-09 14:21:02) Some tools like tar(1) do not even support recording Xattrs/ACLs (yet people still use that for backups), and Filesystem Capabilities (not POSIX capabilities) would not be recorded either. Such should really be addresses first, more or less. -- openSUSE Feature: https://features.opensuse.org/307254