[ubuntu-hardened] Removing suid root from binaries where it isn't needed

Jeff Schroeder jeffschroed at gmail.com
Wed Oct 31 14:20:56 GMT 2007


On 10/31/07, Chad Sellers <csellers at tresys.com> wrote:
> That sounds like a good plan. Extra thought and testing will be good, as
> this is an area where you have to tread very carefully. You have to account
> for non-xattr filesystems, people who compile their own kernel (possibly
> without fscaps), and many associated corner cases. We actually talked about
> doing something similar with SELinux (authoritative caps [1]), but decided
> against it due to these problems.

We really need to test this out. I played with the cap_over LSM a
year+ ago which did the exact same thing regarding adding caps to a
file. The funny thing was that my fs was not mounted with user_xattr
yet it worked. You would certainly know better than me, but SELinux
doesn't require special mount options to properly enforce either, does
it? Are there different classes of EA where some don't need the volume
to have special mount options? Forgive me for not wanting to rip open
a kernel tarball at 7AM and read through vfs code.

-- 
Jeff Schroeder

Don't drink and derive, alcohol and analysis don't mix.
http://www.digitalprognosis.com
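
The corner cases raised in the quoted message (filesystems that cannot store extended attributes, kernels without file capabilities) can be checked per binary before its setuid bit is removed. This is an added example, not code from the thread or from any project it mentions; the function names and verdict strings are hypothetical, it assumes Linux, and the constants follow the `security.capability` layout in `linux/capability.h`.

```python
import errno, os, stat, struct

XATTR = "security.capability"        # security.* namespace, not user.*
VFS_CAP_REVISION_MASK = 0xFF000000   # values as in linux/capability.h
VFS_CAP_FLAGS_EFFECTIVE = 0x000001

def decode_caps(raw):
    """Return (revision, effective, permitted, inheritable) from the raw xattr."""
    if len(raw) < 4:
        raise ValueError("truncated security.capability value")
    magic = struct.unpack_from("<I", raw, 0)[0]
    revision = (magic & VFS_CAP_REVISION_MASK) >> 24
    pairs = 1 if revision == 1 else 2    # revision 1: one 32-bit pair, 2 and 3: two
    if revision not in (1, 2, 3) or len(raw) < 4 + 8 * pairs:
        raise ValueError("unrecognised security.capability value")
    permitted = inheritable = 0
    for i in range(pairs):
        p, inh = struct.unpack_from("<II", raw, 4 + 8 * i)
        permitted |= p << (32 * i)
        inheritable |= inh << (32 * i)
    return revision, bool(magic & VFS_CAP_FLAGS_EFFECTIVE), permitted, inheritable

def read_caps(path, getxattr=None):
    """Return ("caps", decoded), ("none", None) or ("unsupported", None)."""
    getxattr = getxattr or os.getxattr   # injectable so the logic can be tested
    try:
        return "caps", decode_caps(getxattr(path, XATTR))
    except OSError as e:
        if e.errno == errno.ENODATA:     # filesystem stores xattrs, none set here
            return "none", None
        if e.errno in (errno.ENOTSUP, errno.EOPNOTSUPP):
            return "unsupported", None   # filesystem cannot store the attribute
        raise

def suid_verdict(mode, state):
    """Decide what to do with one binary from its st_mode and read_caps() state."""
    if not mode & stat.S_ISUID:
        return "not setuid"
    if state == "caps":
        # A stored attribute does not prove the running kernel honours it.
        return "candidate: test without setuid on the target kernel"
    if state == "unsupported":
        return "keep setuid: filesystem cannot store file capabilities"
    return "keep setuid: no file capabilities assigned"

if __name__ == "__main__":
    for path in ("/bin/ping", "/bin/su"):          # sample paths, adjust as needed
        if os.path.exists(path):
            state, _ = read_caps(path)
            print(path, "->", suid_verdict(os.stat(path).st_mode, state))
```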


