On Fri, Jan 24, 2014 at 20:40:28 -0800, Josh Stone <jistone@xxxxxxxxxx> wrote:
My point was not about what root can do. Suppose there's a vulnerable 'sudo' binary that gives everyone a root shell. If that binary is available on any executable path, even readonly, that's trouble.
That isn't true. File systems can be mounted such that suid bits are ignored. suid executables on such file systems are effectively just normal executables.
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
