FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 10-29-2010, 03:15 AM
"Jason L Tibbitts III"
 
Default RemoveSETUID feature (Was: Summary/Minutes from today's FESCo meeting (2010-10-26) NEW TIME!)

>>>>> "JN" == Joe Nall <joe@nall.com> writes:

JN> On Oct 28, 2010, at 5:08 PM, Richard W.M. Jones wrote:

>> More to the point, I can easily see the setuid bit easily on a
>> binary.
>> How do I tell if these strange/hidden "capabilities" are
>> present on a binary? 'ls' doesn't mention anything.

JN> getcap

Interesting. That's in the libcap package, which is sort of oddly named
because it includes executables. And of course it's multilib, but the
binaries are arch-specific which I believe is a multilib conflict.
Probably needs the executables split out into a libcap-tools packages.

I notice that rpm supports that %caps() directive in the %files list to
specify capabilities. I don't recall seeing that before; how long ago
did rpm grow support for it? It looks like it came in around rpm 4.7,
so all supported Fedora releases have it. However, I'm certain it's not
in RHEL4 and I'm pretty sure it's not in RHEL5 either, so at least the
EPEL folks will need to make a note of it.

- J<
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 

Thread Tools




All times are GMT. The time now is 02:19 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org