|author||Serge E. Hallyn <email@example.com>||2009-11-23 16:21:30 -0600|
|committer||James Morris <firstname.lastname@example.org>||2009-11-24 15:06:47 +1100|
remove CONFIG_SECURITY_FILE_CAPABILITIES compile option
As far as I know, all distros currently ship kernels with default CONFIG_SECURITY_FILE_CAPABILITIES=y. Since having the option on leaves a 'no_file_caps' option to boot without file capabilities, the main reason to keep the option is that turning it off saves you (on my s390x partition) 5k. In particular, vmlinux sizes came to: without patch fscaps=n: 53598392 without patch fscaps=y: 53603406 with this patch applied: 53603342 with the security-next tree. Against this we must weigh the fact that there is no simple way for userspace to figure out whether file capabilities are supported, while things like per-process securebits, capability bounding sets, and adding bits to pI if CAP_SETPCAP is in pE are not supported with SECURITY_FILE_CAPABILITIES=n, leaving a bit of a problem for applications wanting to know whether they can use them and/or why something failed. It also adds another subtly different set of semantics which we must maintain at the risk of severe security regressions. So this patch removes the SECURITY_FILE_CAPABILITIES compile option. It drops the kernel size by about 50k over the stock SECURITY_FILE_CAPABILITIES=y kernel, by removing the cap_limit_ptraced_target() function. Changelog: Nov 20: remove cap_limit_ptraced_target() as it's logic was ifndef'ed. Signed-off-by: Serge E. Hallyn <email@example.com> Acked-by: Andrew G. Morgan" <firstname.lastname@example.org> Signed-off-by: James Morris <email@example.com>
Diffstat (limited to 'security/Kconfig')
1 files changed, 0 insertions, 9 deletions
diff --git a/security/Kconfig b/security/Kconfig
index 95cc08913ca..226b9556b25 100644
@@ -91,15 +91,6 @@ config SECURITY_PATH
implement pathname based access controls.
If you are unsure how to answer this question, answer N.
- bool "File POSIX Capabilities"
- default n
- This enables filesystem capabilities, allowing you to give
- binaries a subset of root's powers without using setuid 0.
- If in doubt, answer N.
bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)"
depends on HAVE_INTEL_TXT