Re: Fedora 11: moving to posix file capabilities?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Oct 29, 2008 at 8:53 AM, Colin Walters
> Note that from the desktop direction we've been moving the OS away
> from exec-based domain transitions to message passing (e.g. PolicyKit)
> for a variety of reasons.  I think it might be worth considering
> introducing a rule actually in Fedora for "no new SUID/fcap binaries",
> or at least they would have to pass some sort of robust review
> process.


I think I like that idea.  As part of that is there a way we could get
a comprehensive list of the suid binaries we currently carry that
would be grandfather'd in?  So we can know how concerted extra effort
would need to be done to help existing packages come into compliance?

-jef

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux