[ubuntu-hardened] File Posix Capabilities in Jaunty
michal.zimen at gmail.com
Fri Mar 13 07:41:53 GMT 2009
I mean capabilities described for example in this article:
It would be better to have system without SUID executable files. Afterall,
it is not so complicated:)
On Thu, Mar 12, 2009 at 6:46 PM, Kees Cook <kees at ubuntu.com> wrote:
> Hi Michal,
> On Thu, Mar 12, 2009 at 11:27:56AM +0100, Michal Zimen wrote:
> > Would be in Jaunty release used File POSIX Capabilities by default ?
> > I found in Intrepid only libcap2-bin package but there is no pam module
> > for capabilities.
> What is needed for PAM? There is a long-lost patch to pam_limits to allow
> capability-fiddling-syntax, but I would assume that's not what you're
> looking for?
> Is there a specific patch you're interested in for PAM?
> Kees Cook
> Ubuntu Security Team
"Every man dies; not every man really lives."
--William Wallace**, Braveheart
** Who certainly would have voted Fera, if he lived again [
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-hardened