RemoveSETUID feature (Was: Summary/Minutes from today's FESCo meeting (2010-10-26) NEW TIME!)
Daniel J Walsh
dwalsh at redhat.com
Tue Dec 21 21:09:49 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/21/2010 03:50 PM, Colin Walters wrote:
> On Tue, Dec 21, 2010 at 3:21 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
>>
>> File capabilities just limit the number of capabilities an application
>> starts with. setuid app means an app starts with all 32, a couple of
>> new ones, capabilities. Then it is up to the app developer to drop the
>> capabilities when the app is done using them. Going to file
>> capabilities just limits the capabilities an application starts with to
>> the specified capabilities. The application developer should still drop
>> the capabilities once they no longer need them. It helps in the case of
>> a bug in an application, that does not drop capabilities.
>
> I understand the goal of getting fewer capabilities (however, I think
> switching setuid to cap_sys_admin is at best pointless, at worst an
> obfuscation).
>
> But you didn't answer my question - does the scope of this plan
> include a Unix mode 005 /bin, etc. or not?
No
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk0RF50ACgkQrlYvE4MpobP4lwCgjvFcXjpCq1BdjawVQOC6uHfL
kjwAoJ9A6lAIjLnhft+mpb4n3feZjuuw
=0JZe
-----END PGP SIGNATURE-----
More information about the devel
mailing list