16 Sep
2015
16 Sep
'15
1:23 a.m.
On 2015-09-09 Gilbert E. Detillieux wrote:
I mentioned Linux capabilities (setcap/getcap commands) briefly during last night's round-table session, and Trevor mentioned that he thought that recent Fedora releases had eliminated the use of setuid-root binaries in favour of capabilities-based binaries. (That's the stated goal, in any case.)
Ya, I thought it over and checked my system and it turns out I was thinking about suid scripts; perl in particular. An update or two ago they got rid of suid perl completely, as in made it impossible, and I had to scramble to get some things to work by using sudoers (not capabilities). I guess caps are the next Big Thing. I'll wait until they disable sudoers... (yes Adam, *BSD, grumble grumble.)