On 01/25/2014 06:03 AM, Bruno Wolff III wrote:
> On Fri, Jan 24, 2014 at 20:40:28 -0800,
>  Josh Stone <jistone@xxxxxxxxxx> wrote:
>>
>> My point was not about what root can do. Suppose there's a vulnerable
>> 'sudo' binary that gives everyone a root shell. If that binary is
>> available on any executable path, even readonly, that's trouble.
>
> That isn't true. File systems can be mounted such that suid bits are
> ignored. suid executables on such file systems are effectively just
> normal executables.

Ok, sure, you can mount -o nosuid,noexec,nodev ... but this isn't the
default for btrfs subvolume paths AFAIK. It needs to be a conscious
decision in whatever snapshot design we choose.

--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct