Adding Capabilities to the Linux kernel is strongly discouraged, and there are many alternatives (e.g. using file descriptors to carry authorization). This needs to be documented clearly so we have somewhere to point when reviewing patches, especially in the face of Linus moving caps to u64, saying, "the last thing we want to do is to extend the capability set any more".
Adding Capabilities to the Linux kernel is strongly discouraged, and there are many alternatives (e.g. using file descriptors to carry authorization). This needs to be documented clearly so we have somewhere to point when reviewing patches, especially in the face of Linus moving caps to u64, saying, "the last thing we want to do is to extend the capability set any more".
https://git.kernel.org/linus/f122a08b197d076ccf136c73fae0146875812a88