Re: fedora-atomic discussion point: /usr/lib/passwd

On Fri, 11.04.14 16:09, Colin Walters (walters@xxxxxxxxxx) wrote:

> On Fri, Apr 11, 2014 at 11:33 AM, Martin Langhoff
> <martin.langhoff@xxxxxxxxx> wrote:
> >
> >If you move in this direction, you have to create files/dirs to be
> >owned by the daemon user too.

Hmm, let's think for a moment what kind of files this actually matters
for. In which directories do system users actually own files? 

That'd be suid/sgid binaries in /usr/bin. That'd be working directories
in /run and /var. Anything else?

The latter don't sound too bad, since we can allocate them during late
boot. The former is the messy bit.

Maybe the cheap way out is to disallow suid/sgid binaries in /usr/bin
for dynamically assigned UIDs/GIDs. In this day and age, are there still
good use cases for that?

Lennart

-- 
Lennart Poettering, Red Hat
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
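
An audit for the case this message calls the messy one, added here as an example and not code from the thread: it lists regular files under /usr/bin whose setuid or setgid bit confers a dynamically assigned UID or GID. The 201-999 range and the names `classify`, `scan` and `DYNAMIC_IDS` are assumptions of the example.

```python
import os
import stat

# Assumed dynamic system-account range (not stated in the thread); on a real
# host read SYS_UID_MIN/SYS_UID_MAX and SYS_GID_MIN/SYS_GID_MAX from
# /etc/login.defs and pass the matching range in.
DYNAMIC_IDS = range(201, 1000)

def classify(mode, uid, gid, dynamic=DYNAMIC_IDS):
    """Return the reasons a file's privilege depends on a dynamic UID/GID."""
    reasons = []
    if not stat.S_ISREG(mode):
        return reasons  # setgid directories only affect group inheritance
    # setuid takes effect through the owning UID, setgid through the owning GID
    if mode & stat.S_ISUID and uid in dynamic:
        reasons.append(f"setuid to dynamic uid {uid}")
    # setgid without group-execute is the old mandatory-locking marker,
    # not a privilege grant, so it is not reported
    if mode & stat.S_ISGID and mode & stat.S_IXGRP and gid in dynamic:
        reasons.append(f"setgid to dynamic gid {gid}")
    return reasons

def scan(root="/usr/bin", dynamic=DYNAMIC_IDS):
    """Walk root without following symlinks; return sorted [(path, reasons)]."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # file vanished or is unreadable; skip it
            reasons = classify(st.st_mode, st.st_uid, st.st_gid, dynamic)
            if reasons:
                findings.append((path, reasons))
    return sorted(findings)

if __name__ == "__main__":
    for path, reasons in scan():
        print(path, "; ".join(reasons))
```

An empty result means no binary in /usr/bin would change privilege if dynamic UIDs/GIDs were reassigned between installs.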




