Daenyth Blank wrote:
On Wed, Nov 4, 2009 at 10:14, Daenyth Blank <daenyth+arch@gmail.com> wrote:
On Wed, Nov 4, 2009 at 10:12, Shridhar Daithankar <ghodechhap@ghodechhap.net> wrote:
so can this be done by default? thus reducing setuid usage? it should improve security right?
This should probably go on the bug tracker as a feature request.
Actually, the article states that not all file systems support this, so I don't think that it should be put in as the default. I think that it deserves mention on the wiki, however.
I writed an article in the wiki [#1] some time ago, for all common setuids in core packages and xorg about this. Some will fail and make more unsafe than safer (like mount) [#1] http://wiki.archlinux.org/index.php/Using_File_Capabilities_Instead_Of_Setui... -- Gerardo Exequiel Pozzi ( djgera ) http://www.djgera.com.ar KeyID: 0x1B8C330D Key fingerprint = 0CAA D5D4 CD85 4434 A219 76ED 39AB 221B 1B8C 330D