Re: Subject: Re: ext3 to include capabilities?

Peter Benie (pjb1008@cam.ac.uk)
Sat, 3 Apr 1999 12:51:06 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alexander Viro: "(Sticky bit on files) Re: Subject: Re: ext3 to include capabilities?"
Previous message: Richard Gooch: "Re: Subject: Re: ext3 to include capabilities?"
In reply to: David Ford: "Re: Subject: Re: ext3 to include capabilities?"

In article <199904030420.XAA13482@saturn.cs.uml.edu>,
Albert D. Cahalan <acahalan@cs.uml.edu> wrote:
>Santos Halpar writes:
>> Your idea does limit the fs data needed to one bit, and that's
>> something I don't mind. Using the suid bit as you suggest is
>> bogus, though. The sticky bit would work if it were limited to root,
>> but that's not an assumption that's workable in an NFS environment
>> (correct me if I'm wrong).

Some NFS servers are configured not to serve files to root on the NFS
client. Reading a 'setuid' binary can be done with the credentials of
the unprivileged user so using the setuid bit should not be a problem.

>I prefer the setuid bit though, because it will be noticed by scripts
>that look for suspicious executables. It is much less likely that a
>script will notice an executable with the sticky bit set. (but this
>is still better than a strange new file attribute)
>
>Well, which do people prefer? (sticky bit or setuid bit)

bash:~$ ls -Ll /usr/bin/emacs
-rwxr-xr-t 2 root root 2383732 Jun 10 1998 /usr/bin/emacs*

Let's not overload the sticky bit :-).

Peter

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alexander Viro: "(Sticky bit on files) Re: Subject: Re: ext3 to include capabilities?"
Previous message: Richard Gooch: "Re: Subject: Re: ext3 to include capabilities?"
In reply to: David Ford: "Re: Subject: Re: ext3 to include capabilities?"