> 1. Make an executable that runs with UID 0 but no capabilities.
> 2. Make an executable that runs with exec'rs UID and capabilities.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 3. Make an executable that runs with UID 0 and capabilities.
>
> with real capabilities in the fs:
> 1. owner 0, setuid, no capabilities are set
> 2. owner anyone, no setuid, capabilities are set
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Aha. And if you do ls -l on that file, it looks completely innocent,
does it? I doubt this is good idea.
Pavel
-- I'm really pavel@atrey.karlin.mff.cuni.cz. Pavel Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/