Y'all need to discover pledge(2), unveil(2) and privilege separation.
https://twitter.com/majek04/status/1034759172041129984 …
Replying to @canadianbryan
Linux capabilities are awful and blaming that shit on POSIX by calling them "POSIX capabilities" when they have nothing to do with POSIX is.... ugh.
Replying to @RichFelker @canadianbryan
Someone correct me if I'm wrong, but I think what happened was this: POSIX realized root was stupid, and switched to making "appropriate privileges" implementation-defined. Linux geeks somehow misread that as POSIX adopting their (copied from somewhere?) capabilities model.
Replying to @RichFelker @canadianbryan
IIRC Linux implemented a draft standard for capabilities proposed for POSIX but abandoned before Linux got around to implementing them.
Yeah that sounds more plausible. The draft was "do this complex and wrong model", and the resulting action was "no, make it implementation-defined so implementations can do something that doesn't suck".