1 Sep
2002
1 Sep
'02
11:59
Well, I use it for Apache, can't tell if it works, too, but the README of Compartment 1.1 promises that in a coming version the combination of --user and --caps would be possible. So you could execute programs with user rights plus some extra capabilities, too, I suppose. It's of course okay to run all programs as root, taking them some capabilities with --caps, but if there theoretically now was that other possibility, why not use it? At least I'd feel better if a program ran as user with extra caps than if a program ran as root with restricted caps. Peter Asemann