[ubuntu-hardened] File Posix Capabilities in Jaunty

Kees Cook kees at ubuntu.com
Fri Mar 13 17:00:44 GMT 2009

Hi Michal,

On Fri, Mar 13, 2009 at 08:41:53AM +0100, Michal Zimen wrote:
> I mean capabilities described for example in this article:
>                    http://www.friedhoff.org/posixfilecaps.html
> It would be better to have system without SUID executable files. Afterall,
> it is not so complicated:)

As far as I know, this is all implemented and working.  The only confusing
thing is the libcap-bin is outdated, and libcap2-bin is the bit that
provides pam_cap.so.


Kees Cook
Ubuntu Security Team

More information about the ubuntu-hardened mailing list