Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Gentoo Development (http://www.linux-archive.org/gentoo-development/)
-   -   useless set*id binaries (http://www.linux-archive.org/gentoo-development/625953-useless-set-id-binaries.html)

Mike Frysinger 01-27-2012 11:14 PM

useless set*id binaries
 
hmm, i wonder why mount.nfs is set*id. if we require everyone to use `mount`,
there's no need for `mount.nfs` to be set*id. someone want to point out
something obvious that i'm missing before i adjust the nfs-utils package ?

along these lines, why is cdrtools set*id ? if we have a "cdrom" group, and
we assign our cdroms/dvdroms to that group, then we already have access
control in place and can skip the set*id.
-mike

Samuli Suominen 01-27-2012 11:18 PM

useless set*id binaries
 
On 01/28/2012 02:14 AM, Mike Frysinger wrote:

hmm, i wonder why mount.nfs is set*id. if we require everyone to use `mount`,
there's no need for `mount.nfs` to be set*id. someone want to point out
something obvious that i'm missing before i adjust the nfs-utils package ?

along these lines, why is cdrtools set*id ? if we have a "cdrom" group, and
we assign our cdroms/dvdroms to that group, then we already have access
control in place and can skip the set*id.
-mike


cdrtools can't probe the drives without the binary being setuid, or the
user belonging to the 'disk' group (and even that is not enough in some
cases if the permissions vary)


All times are GMT. The time now is 01:23 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.