http://bugzilla.opensuse.org/show_bug.cgi?id=1171174 Bug ID: 1171174 Summary: security enhancement: no setuid Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: MicroOS Assignee: kubic-bugs@opensuse.org Reporter: lnussel@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- setuid binaries are a potential attack vector for privilege escalation. MicroOS with it's limited scope has chance to close that hole by default and not ship any binaries with elevated privileges by default. Ie set the default level to "paranoid". This will prevent unprivileged (system) users from potentially exploiting - shadow suite tools like passwd, chsh etc - pam helpers unix{,2}_chkpwd - wall, write - clockdiff, ping - dbus-daemon-launch-helper - su - sudo - mount -- You are receiving this mail because: You are on the CC list for the bug.