On Thu, 01 Mar 2012 14:52:43 +0100, Per Jessen wrote:
Well, maybe start with "man capabilities". I think that is where I saw CAP_NET_BROADCAST mentioned. I have never played with any of this, but my understanding is that you can manage various capabilities on a per-process or per-user basis. I'm grasping at straws, but I'm sure somebody here will have an actual understanding of this.
From what I understand, kernel capabilities are disabled selectively - you start a program as root and it has access to everything, and then the program (perhaps also an external process can do this - that I don't know) disables what the program shouldn't be allowed to do.
Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org