Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] Is there any chance for a new version of compartment to come out?
  • From: Ace <aceop@xxxxxxx>
  • Date: Sun, 01 Sep 2002 13:59:48 +0200
  • Message-id: <3D720134.8040507@xxxxxxx>
Well, I use it for Apache, can't tell if it works, too, but the README of Compartment 1.1 promises that in a coming version the combination of --user and --caps would be possible. So you could execute programs with user rights plus some extra capabilities, too, I suppose.
It's of course okay to run all programs as root, taking them some capabilities with --caps, but if there theoretically now was that other possibility, why not use it?
At least I'd feel better if a program ran as user with extra caps than if a program ran as root with restricted caps.

Peter Asemann

< Previous Next >
This Thread
Follow Ups