[...]
> If you use the sticky bit for this purpose, a similar situation
> can happen: a normal user sets the sticky bit for a file when running
> an old kernel where it isn't restricted and then the file becomes
> privileged after switching kernels. This can be solved by ignoring
> the sticky bit on files not owned by root.
And you are back to square one: root is still very special, no SUID
<whatever> binaries allowed.
This stuff _has_ to go into the filesystem, no other scheme would work.
-- Horst von Brand vonbrand@sleipnir.valparaiso.cl Casilla 9G, Viña del Mar, Chile +56 32 672616