From: "Alon Bar-Lev"
To: "Mike Frysinger"
Cc: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] [SECURITY] Minimizing the suid usage
Date: Mon, 24 Mar 2008 15:55:48 +0200
Message-ID: <9e0cf0bf0803240655g6f0ab2dbh3782fd63222287b8@mail.gmail.com>
In-Reply-To: <200803240953.52578.vapier@gentoo.org>

On 3/24/08, Mike Frysinger wrote:
> how much do we want to help the user ? if they have USE=filecaps, then don't
> perform any checking ? we'll need a kernel with file capabilities turned on,
> otherwise the prog won't work unless it's setuid ... so do we perform checking
> and drop the setuid bit on the post sly ? i'd prefer we just make the
> filecaps desc verbose: don't set this unless you have new enough kernel with
> options enabled, otherwise things may stop working properly as non-root.

I also prefer a descriptive warning and not runtime checks.
Worst case scenario, system will be usable for root only.
root can remove this USE flag and emerge --update --deep --newuse world.

Alon.