RFC: Remove write permissions from executables
Miloslav Trmač
mitr at volny.cz
Mon Jan 25 20:03:56 UTC 2010
Till Maas píše v Po 25. 01. 2010 v 18:58 +0100:
> Is there a tracker about what else needs to be done to finish this up?
Good idea, I have filed
https://bugzilla.redhat.com/show_bug.cgi?id=558612 .
(Realistically, this probably won't ever be "finished" because after
handling the low-hanging fruit we'll need to start considering e.g.
files in /etc case by case, in some cases making having to decide
between removing dac_override from some system processes and making the
configuration files they legitimately modify non-writeable by root.)
Mirek
More information about the devel
mailing list