> > Eh, what problem?
>
> The problem that setting inheritable bits is a non-priviledged operation
> under the setuid0 scheme, and there is a LOT of power in the inheritable
> bits. You are left wide open to trojan binaries, but a paranoid
> sysadmin
It is not a showstopper. Your capabilities do NOT prevent you from
trojan horses. If you run program with uid=0, it does not need any
special privileges to screw you up. [Hint: who is owner of /etc/passwd?]
Pavel
-- I'm really pavel@atrey.karlin.mff.cuni.cz. Pavel Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/