Re: Subject: Re: ext3 to include capabilities?

Richard Gooch (rgooch@atnf.csiro.au)
Sat, 3 Apr 1999 17:28:00 +1000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Brian May: "Re: eth0 CU wedged - just prior to full lock"
Previous message: Tim Osler: "Re: lost interrupts under 2.2.X"
In reply to: David Ford: "Re: Subject: Re: ext3 to include capabilities?"
Next in thread: Peter Benie: "Re: Subject: Re: ext3 to include capabilities?"

Albert D. Cahalan writes:
> The sticky bit would work fine over NFS. In that case, there must be
> a header flag to disable setuid operation. This is because /bin/ping
> and others must be setuid-root when running with an old kernel, but
> should not be root when they can just get the needed capabilities.
>
> I prefer the setuid bit though, because it will be noticed by scripts
> that look for suspicious executables. It is much less likely that a
> script will notice an executable with the sticky bit set. (but this
> is still better than a strange new file attribute)
>
> Well, which do people prefer? (sticky bit or setuid bit)

Ths suid but, of course, since setting it is privileged. Thus it is
obvious that it is a privileged binary.

Regards,

Richard....

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Brian May: "Re: eth0 CU wedged - just prior to full lock"
Previous message: Tim Osler: "Re: lost interrupts under 2.2.X"
In reply to: David Ford: "Re: Subject: Re: ext3 to include capabilities?"
Next in thread: Peter Benie: "Re: Subject: Re: ext3 to include capabilities?"