Removing SUID on binaries that don't need it
Kees Cook
kees at ubuntu.com
Wed Oct 31 20:58:06 GMT 2007
On Sun, Oct 28, 2007 at 02:24:42PM -0700, Jeff Schroeder wrote:
> Serge Hallyn's recent implement-file-system-posix-capabilities.patch
> finally got the buyoff from Andrew Morton and is going to be going
> into the as of yet unreleased 2.6.24 kernel. However, since Hardy will
> very likely be using the 2.6.24 kernel, maybe we can look at what this
> specific feature buys us.
A quick follow-up to folks not on the Ubuntu Hardened mailing list,
we've taken the discussion about fscap (and other things) there:
https://lists.ubuntu.com/archives/ubuntu-hardened/2007-October/thread.html
Thanks,
-Kees
--
Kees Cook
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20071031/8eb6deba/attachment.pgp
More information about the ubuntu-devel
mailing list