X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=security%2FKconfig;h=62ed4717d334f3f10de514aa4b9e088f4b2ca827;hb=64fd52a52077d3cd5a778ca031c0aaecf885eaa6;hp=5dfc206748cfbd76f2e1f3114515aba7294cf67c;hpb=a8e98d6d51a3eb7bb061b1625193a129c8bd094f;p=linux-2.6

diff --git a/security/Kconfig b/security/Kconfig
index 5dfc206748..62ed4717d3 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -73,17 +73,9 @@ config SECURITY_NETWORK_XFRM
 	  IPSec.
 	  If you are unsure how to answer this question, answer N.
 
-config SECURITY_CAPABILITIES
-	bool "Default Linux Capabilities"
-	depends on SECURITY
-	default y
-	help
-	  This enables the "default" Linux capabilities functionality.
-	  If you are unsure how to answer this question, answer Y.
-
 config SECURITY_FILE_CAPABILITIES
 	bool "File POSIX Capabilities (EXPERIMENTAL)"
-	depends on (SECURITY=n || SECURITY_CAPABILITIES!=n) && EXPERIMENTAL
+	depends on EXPERIMENTAL
 	default n
 	help
 	  This enables filesystem capabilities, allowing you to give
@@ -113,10 +105,12 @@ config SECURITY_DEFAULT_MMAP_MIN_ADDR
 	  from userspace allocation.  Keeping a user from writing to low pages
 	  can help reduce the impact of kernel NULL pointer bugs.
 
-	  For most users with lots of address space a value of 65536 is
-	  reasonable and should cause no problems.  Programs which use vm86
-	  functionality would either need additional permissions from either
-	  the LSM or the capabilities module or have this protection disabled.
+	  For most ia64, ppc64 and x86 users with lots of address space
+	  a value of 65536 is reasonable and should cause no problems.
+	  On arm and other archs it should not be higher than 32768.
+	  Programs which use vm86 functionality would either need additional
+	  permissions from either the LSM or the capabilities module or have
+	  this protection disabled.
 
 	  This value can be changed after boot using the
 	  /proc/sys/vm/mmap_min_addr tunable.