Re: Subject: Re: ext3 to include capabilities?
Richard Gooch (rgooch@atnf.csiro.au)
Sat, 3 Apr 1999 17:28:00 +1000
Albert D. Cahalan writes:
> The sticky bit would work fine over NFS. In that case, there must be
> a header flag to disable setuid operation. This is because /bin/ping
> and others must be setuid-root when running with an old kernel, but
> should not be root when they can just get the needed capabilities.
>
> I prefer the setuid bit though, because it will be noticed by scripts
> that look for suspicious executables. It is much less likely that a
> script will notice an executable with the sticky bit set. (but this
> is still better than a strange new file attribute)
>
> Well, which do people prefer? (sticky bit or setuid bit)
Ths suid but, of course, since setting it is privileged. Thus it is
obvious that it is a privileged binary.
Regards,
Richard....
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/