RemoveSETUID feature (Was: Summary/Minutes from today's FESCo meeting (2010-10-26) NEW TIME!)

Colin Walters walters at verbum.org
Tue Dec 21 20:50:33 UTC 2010


On Tue, Dec 21, 2010 at 3:21 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
>
> File capabilities just limit the number of capabilities an application
> starts with.  setuid app means an app starts with all 32 capabilities, plus
> a couple of new ones.  Then it is up to the app developer to drop the
> capabilities when the app is done using them.  Going to file
> capabilities just limits the capabilities an application starts with to
> the specified capabilities.  The application developer should still drop
> the capabilities once they no longer need them.  It helps in the case of
> a bug in an application, that does not drop capabilities.

I understand the goal of getting fewer capabilities (however, I think
switching setuid to cap_sys_admin is at best pointless, at worst an
obfuscation).

But you didn't answer my question - does the scope of this plan
include a Unix mode 005 /bin, etc. or not?
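The quoted paragraph describes the model the thread is arguing about: file capabilities only bound the set a binary starts with, and the program itself is still expected to drop what it no longer needs. The following is an added illustration, not code posted by either participant, showing the two halves of that model on Linux with the raw capget(2)/capset(2) syscalls and prctl(2) rather than libcap: reading the effective, permitted and bounding sets, and permanently dropping one capability (CAP_SYS_ADMIN here, since that is the one named in the reply) from the permitted set. Dropping never requires privilege, so the same code runs unchanged whether the binary was launched with file capabilities, as setuid root, or as an ordinary user whose sets are already empty.

```c
/*
 * Added example, not from the thread: inspect a process's capability sets and
 * drop one capability once it is no longer needed.  Linux-only, no libcap.
 */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/capability.h>

typedef struct __user_cap_header_struct cap_hdr_t;
typedef struct __user_cap_data_struct   cap_data_t;

#define NCAPS (32 * _LINUX_CAPABILITY_U32S_3)

/* Fetch the calling thread's effective/permitted/inheritable sets (v3 layout:
 * two 32-bit words per set, so capabilities above 31 live in data[1]). */
static int caps_get(cap_data_t data[_LINUX_CAPABILITY_U32S_3]) {
    cap_hdr_t hdr = { .version = _LINUX_CAPABILITY_VERSION_3, .pid = 0 };
    memset(data, 0, sizeof(cap_data_t) * _LINUX_CAPABILITY_U32S_3);
    return (int)syscall(SYS_capget, &hdr, data);
}

static int caps_set(cap_data_t data[_LINUX_CAPABILITY_U32S_3]) {
    cap_hdr_t hdr = { .version = _LINUX_CAPABILITY_VERSION_3, .pid = 0 };
    return (int)syscall(SYS_capset, &hdr, data);
}

/* 1 if `cap` is in the effective set, 0 if not, -1 on error. */
int cap_is_effective(int cap) {
    cap_data_t d[_LINUX_CAPABILITY_U32S_3];
    if (cap < 0 || cap >= NCAPS || caps_get(d) != 0) return -1;
    return (int)((d[cap / 32].effective >> (cap % 32)) & 1u);
}

/* 1 if `cap` is in the permitted set (i.e. could still be re-enabled), 0 if
 * not, -1 on error. */
int cap_is_permitted(int cap) {
    cap_data_t d[_LINUX_CAPABILITY_U32S_3];
    if (cap < 0 || cap >= NCAPS || caps_get(d) != 0) return -1;
    return (int)((d[cap / 32].permitted >> (cap % 32)) & 1u);
}

/* Remove `cap` from the effective, permitted and inheritable sets.  Removing
 * bits never needs privilege, so this succeeds for an unprivileged process
 * too.  Once gone from permitted, the thread cannot get the capability back
 * short of exec'ing a file that grants it (and only if it is still in the
 * bounding set).  Returns 0 on success, -1 with errno set on failure. */
int cap_drop(int cap) {
    cap_data_t d[_LINUX_CAPABILITY_U32S_3];
    if (cap < 0 || cap >= NCAPS) { errno = EINVAL; return -1; }
    if (caps_get(d) != 0) return -1;
    unsigned bit = 1u << (cap % 32);
    d[cap / 32].effective   &= ~bit;
    d[cap / 32].permitted   &= ~bit;
    d[cap / 32].inheritable &= ~bit;
    return caps_set(d);
}

/* 1 if `cap` is still in the bounding set (a later execve of a binary with
 * that file capability could grant it), 0 if not, -1 on error. */
int cap_in_bounding_set(int cap) {
    return prctl(PR_CAPBSET_READ, (unsigned long)cap, 0, 0, 0);
}

int main(void) {
    printf("CAP_SYS_ADMIN effective before drop: %d\n", cap_is_effective(CAP_SYS_ADMIN));
    printf("CAP_SYS_ADMIN permitted before drop: %d\n", cap_is_permitted(CAP_SYS_ADMIN));
    if (cap_drop(CAP_SYS_ADMIN) != 0) { perror("capset"); return 1; }
    printf("CAP_SYS_ADMIN effective after drop:  %d\n", cap_is_effective(CAP_SYS_ADMIN));
    printf("CAP_SYS_ADMIN permitted after drop:  %d\n", cap_is_permitted(CAP_SYS_ADMIN));
    printf("CAP_SYS_ADMIN in bounding set:       %d\n", cap_in_bounding_set(CAP_SYS_ADMIN));
    return 0;
}
```

Run it twice to see the point of the thread: as an ordinary user every line prints 0 (or 1 for the bounding set), and after `setcap cap_sys_admin=ep` on the binary the first two lines print 1 while the lines after the drop still print 0. The bounding-set line is what file capabilities cannot take away on their own; shrinking it needs PR_CAPBSET_DROP and CAP_SETPCAP, which is why a file-capability-only conversion leaves that check to the program.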


More information about the devel mailing list