8 Jan
2009
8 Jan
'09
15:23
For 11.2, what about using filesystem capabilities to reduce the number of suid executables, in order to reduce the criticality of security flaws? Ultrich Drepper has blogged a short example that is usable in Fedora 10 - http://udrepper.livejournal.com/20709.html LWN Subsriber only content until 2009/01/14 - http://lwn.net/Articles/313838/ More discussion and info on this, if you can read it. The kernel now uses the filesystem capabilities, and at least the default & commonest filesystems support extended attributes (xattr's). -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org