[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: More PATH fallout. Who decided this was a good idea?




On Dec 6, 2008, at 11:52 AM, Steve Grubb wrote:

On Saturday 06 December 2008 11:56:31 Jesse Keating wrote:
ordinary user cannot possibly use these tools since they do not have the

requisite permissions.

Now I'm confused.  Why would the binary have to be suid?

Because if they didn't type --help, we are going to have to log the attempted compromise. Sending an audit event requires CAP_AUDIT_WRITE. You have to be
setuid root from the beginning or not at all.

Can't a non-root user audit now that we have file system capabilities?

joe


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]