[ubuntu-hardened] File Posix Capabilities in Jaunty

Michal Zimen michal.zimen at gmail.com
Fri Mar 13 07:41:53 GMT 2009

Hi Kees,

I mean capabilities described for example in this article:

It would be better to have system without SUID executable files. Afterall,
it is not so complicated:)


On Thu, Mar 12, 2009 at 6:46 PM, Kees Cook <kees at ubuntu.com> wrote:

> Hi Michal,
> On Thu, Mar 12, 2009 at 11:27:56AM +0100, Michal Zimen wrote:
> >   Would be in Jaunty release used File POSIX Capabilities by default ?
> > I found in Intrepid only libcap2-bin package but there is no pam module
> > for capabilities.
> What is needed for PAM?  There is a long-lost patch to pam_limits to allow
> capability-fiddling-syntax, but I would assume that's not what you're
> looking for?
> Is there a specific patch you're interested in for PAM?
> -Kees
> --
> Kees Cook
> Ubuntu Security Team


"Every man dies; not every man really lives."
                      --William Wallace**, Braveheart
** Who certainly would have voted Fera, if he lived again [
http://volimfera.blogspot.com]  **
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20090313/b8666ca3/attachment.htm 

More information about the ubuntu-hardened mailing list