Archives
Archives
| From: | drear <drear@×××.fi> | ||
|---|---|---|---|
| To: | gentoo-hardened@l.g.o | ||
| Subject: | Re: [gentoo-hardened] Keeping SUID bits off | ||
| Date: | Sat, 16 Jun 2007 04:39:01 | ||
| Message-Id: | 200706160737.03865.drear@iki.fi | ||
| In Reply to: | [gentoo-hardened] Keeping SUID bits off by Peter Abrahamsen |
||
| 1 | You can use FEATURES="suidctl" in the make.conf and list the binaries you want |
| 2 | to retain to have a setuid bit (e.g. /bin/su) in /etc/portage/suidctl.conf. |
| 3 | |
| 4 | Jukka Ruohonen. |
| 5 | |
| 6 | On Saturday 16 June 2007, Peter Abrahamsen wrote: |
| 7 | > Good day all, |
| 8 | > |
| 9 | > Is there a way in Gentoo to ensure that once I turn SUID bits on a |
| 10 | > binary off, they won't be turned back on again the next time the file's |
| 11 | > package is upgraded? |
| 12 | > |
| 13 | > Thanks, |
| 14 | > Peter |
| 15 | |
| 16 | |
| 17 | -- |
| 18 | gentoo-hardened@g.o mailing list |