Implement fscaps handling in dpkg

Registered by Kees Cook on 2010-04-27

Discuss how to implement filesystem capabilities in dpkg.

Blueprint information

Status:
Not started
Approver:
Kees Cook
Priority:
Medium
Drafter:
Kees Cook
Direction:
Needs approval
Assignee:
Kees Cook
Definition:
Approved
Series goal:
Accepted for maverick
Implementation:
Not started
Milestone target:
milestone icon ubuntu-10.10

Related branches

Sprints

Whiteboard

Review fscaps blockers, with an eye towards what will be required in dpkg to support them.

 * https://wiki.ubuntu.com/Security/FilesystemCapabilties
  * tar
  * cpio
  * rsync
  * dpkg
   * needs cap-overrides file?
   * setuid fall-back?

Work items:
[kees] verify each filesystem used by installer can handle extended attributes: POSTPONED
[kees] persue adding xattr support to squashfs: POSTPONED
[kees] drive tar xattr/acl patches into upstream: POSTPONED
[kees] make sure tar gracefully handles restoring to a filesystem that lacks xattr/acl support: POSTPONED
[kees] find a way to have "dpkg-deb -c" display xattrs sanely: POSTPONED
[kees] drive cpio xattr/acl patches into upstream: POSTPONED
[kees] persue adding -AX to -a in rsync upstream: POSTPONED
[kees] identify common code pattern upstreams can use to validate caps, drop privs, etc: POSTPONED
[kees] engage Debian on defining best practices of fscaps: POSTPONED
[kees] document how a package maintainer should handle adding fscaps to their package: POSTPONED
[kees] implement "ping" as working example of fscaps done with Debian packaging: POSTPONED

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.