Lol. Actually, OpenBSD has removed sudo (and replaced it with doas). FreeBSD was an early entrant to the Capabilities game with Capiscum, which continues to be one of the leading platforms for it. No idea what NetBSD does. On the other hand, Solaris and AIX (at least) have had Capabilities for at least 15yrs while no-one else noticed. IIRC, UnixWare had them back in 1993! So, really, anyone who thinks this is *new* technology that Linux is introducing (and aren't we just so much more advanced than everyone else)... sorry, dead wrong. (Even *Windows* has had this since the early 90s.) -Adam
On September 15, 2015 8:23:07 PM CDT, Trevor Cordes trevor@tecnopolis.ca wrote:
On 2015-09-09 Gilbert E. Detillieux wrote:
I mentioned Linux capabilities (setcap/getcap commands) briefly during last night's round-table session, and Trevor mentioned that he thought that recent Fedora releases had eliminated the use of setuid-root binaries in favour of capabilities-based binaries. (That's the stated goal, in any case.)
Ya, I thought it over and checked my system and it turns out I was thinking about suid scripts; perl in particular. An update or two ago they got rid of suid perl completely, as in made it impossible, and I had to scramble to get some things to work by using sudoers (not capabilities). I guess caps are the next Big Thing. I'll wait until they disable sudoers... (yes Adam, *BSD, grumble grumble.) _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable