[ubuntu-hardened] Re moving suid root from binaries where it isn't needed
Phillip Lougher
phillip at lougher.demon.co.uk
Wed Oct 31 04:07:29 GMT 2007
Chad Sellers-2 wrote:
>
> I'm not overly familiar with the livecd, but I believe it uses at least
> unionfs with squashfs (among others). This is based on the bug that caused
> apparmor to be removed from the livecd due to its problems handling
> unionfs.
>
I'd be surprised if AppArmor was removed from the liveCD kernel. What I
think you're referring to is that the integration of AppArmor caused Unionfs
to be updated to 2.1.2 (AppArmor changes the VFS interfaces which Unionfs
uses, and we had a patch for Unionfs 2.1.2). The presence of numerous bugs
in Unionfs 2.1.2 badly broke the liveCD. Following this a patch for the
AppArmor VFS changes was made for Unionfs 1.4, and Unionfs was reverted to
Unionfs 1.4 in the Gutsy kernel. This should have solved liveCD booting
without removing AppArmor.
Phillip
--
View this message in context: http://www.nabble.com/Removing-suid-root-from-binaries-where-it-isn%27t-needed-tf4720353.html#a13502503
Sent from the ubuntu-hardened mailing list archive at Nabble.com.
More information about the ubuntu-hardened
mailing list