Setting up gpg on an IRIX web server
Remi Guyomarch
rguyom@mail.dotcom.fr
Sat, 5 Feb 2000 00:19:46 +0100
On Fri, Feb 04, 2000 at 03:39:03PM +0100, Werner Koch wrote:
> On Fri, 4 Feb 2000, sen_ml@eccosys.com wrote:
>
> > it would be nice for other os-s to support this so usage of setuid can
> > be avoided. does anyone know whether there is any work being done to
> > support this? (at least for linux?)
>
> according to Dave Miller this is not allowed by POSIX. The solution
> for Linux are Capabilities (there is no Posix standard but it is
> decribed in the draft standard). GnuPG supports it and IIRC Rémi
> supplied the patches and it seems to work. You have to do a
> ./configure --use-capabilities to enable it. However, you need an
> extra library (libpcap) to make it work.
You will also need a kernel patch to add (semi)persistant storage of
capabilities.