[ubuntu-hardened] File Posix Capabilities in Jaunty
Kees Cook
kees at ubuntu.com
Fri Mar 13 17:00:44 GMT 2009
Hi Michal,
On Fri, Mar 13, 2009 at 08:41:53AM +0100, Michal Zimen wrote:
> I mean capabilities described for example in this article:
> http://www.friedhoff.org/posixfilecaps.html
>
>
> It would be better to have system without SUID executable files. Afterall,
> it is not so complicated:)
As far as I know, this is all implemented and working. The only confusing
thing is the libcap-bin is outdated, and libcap2-bin is the bit that
provides pam_cap.so.
-Kees
--
Kees Cook
Ubuntu Security Team
More information about the ubuntu-hardened
mailing list